In Fibaro Home Center 2 and Lite devices in all versions provide a web based management interface over unencrypted HTTP protocol. Communication between the user and the device can be eavesdropped to hijack sessions, tokens and passwords.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
fibaro home_center_2_firmware |
||
fibaro home_center_lite_firmware |