EUVD-2018-15704

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

Exploitable flaw in Samsung SmartThings Hub allows attacker to delete cameras via HTTP request.

Reporter	Title	Published	Views	Family All 9
CNVD	Samsung SmartThings Hub Denial of Service Vulnerability	31 Jul 201800:00	–	cnvd
CVE	CVE-2018-3918	27 Aug 201815:00	–	cve
Cvelist	CVE-2018-3918	27 Aug 201815:00	–	cvelist
NVD	CVE-2018-3918	27 Aug 201815:29	–	nvd
Prion	Cross site request forgery (csrf)	27 Aug 201815:29	–	prion
Positive Technologies	PT-2018-16310 · Samsung · Samsung Smartthings Hub	27 Aug 201800:00	–	ptsecurity
seebug.org	Samsung SmartThings Hub hubCore port 39500 sync denial-of-service vulnerability(CVE-2018-3918)	30 Jul 201800:00	–	seebug
Talos	Samsung SmartThings Hub hubCore port 39500 sync denial-of-service vulnerability	26 Jul 201800:00	–	talos
Talos Blog	Vulnerability Spotlight: Multiple Vulnerabilities in Samsung SmartThings Hub	26 Jul 201808:06	–	talosblog

[
  {
    "enisaIdVendor": [
      {
        "id": "a8d0763c-2389-3139-bf66-be74facf95f2",
        "vendor": {
          "name": "Samsung"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "3b498e88-2c8b-37a3-aeb0-9c0ed3864b1d",
        "product": {
          "name": "Samsung"
        },
        "product_version": "Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17"
      }
    ]
  }
]

Source	Link
talosintelligence	www.talosintelligence.com/vulnerability_reports/TALOS-2018-0582
github	www.github.com/advisories/GHSA-293c-r3p4-g63r

07 Oct 2025 00:30Current

6.7Medium risk

Vulners AI Score6.7

CVSS 36.5

CVSS 26.4

CVSS 3.17.5

EPSS0.00533