Improper access control vulnerability in Smart Things before 1.7.85.25 allows local malicious users to add arbitrary smart devices by bypassing login activity.
samsung smartthings