Lucene search

Harmony Hub Firmware Security Vulnerabilities

cve

CVE-2018-15721

The XMPP server in Logitech Harmony Hub before version 4.15.206 is vulnerable to authentication bypass via a crafted XMPP request. Remote attackers can use this vulnerability to gain access to the local...

9.8CVSS

9.2AI Score

0.012EPSS

2018-12-20 09:29 PM

cve

CVE-2018-15720

Logitech Harmony Hub before version 4.15.206 contained two hard-coded accounts in the XMPP server that gave remote users access to the local...

9.8CVSS

9AI Score

0.012EPSS

2018-12-20 09:29 PM

cve

CVE-2018-15722

The Logitech Harmony Hub before version 4.15.206 is vulnerable to OS command injection via the time update request. A remote server or man in the middle can inject OS commands with a properly formatted...

8.1CVSS

8.3AI Score

0.001EPSS

2018-12-20 09:29 PM

cve

CVE-2018-15723

The Logitech Harmony Hub before version 4.15.206 is vulnerable to application level command injection via crafted HTTP request. An unauthenticated remote attacker can leverage this vulnerability to execute application defined commands (e.g....

9.8CVSS

9.9AI Score

0.025EPSS

2018-12-20 09:29 PM