Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2019-11063
HistoryAug 29, 2019 - 1:15 a.m.

Improper access control

2019-08-2901:15:00
PRIOn knowledge base
www.prio-n.com
3

8.5 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

56.3%

JSON

A broken access control vulnerability in SmartHome app (Android versions up to 3.0.42_190515, ios versions up to 2.0.22) allows an attacker in the same local area network to list user accounts and control IoT devices that connect with its gateway (HG100) via http://[target]/smarthome/devicecontrol without any authentication. CVSS 3.0 base score 10 (Confidentiality, Integrity and Availability impacts). CVSS vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H).

CPENameOperatorVersion
smarthomelt2.0.22
smarthomeeq< 3.0.42-190515

Related

cvelist 1
nvd 1
cve 1
githubexploit 1
cvelist
cvelist
CVE-2019-11063 SmartHome application has a broken access control vulnerability in its Web API Server
2019-08-20 00:00:00
nvd
nvd
CVE-2019-11063
2019-08-29 01:15:10
cve
cve
CVE-2019-11063
2019-08-29 01:15:10
githubexploit
githubexploit
Exploit for Missing Authentication for Critical Function in Asus Hg100 Firmware
2019-03-29 06:01:49

8.5 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

56.3%

JSON
Related for PRION:CVE-2019-11063
cvelist1nvd1cve1githubexploit1