Lucene search
K

6 matches found

CVE
CVE
added yesterday8 views

CVE-2026-54477

CVE-2026-54477 affects the Gardyn IoT Hub admin panel, where the absence of standard security headers allows clickjacking and cross-site scripting. The available data show an impact with low confidentiality and integrity impact (CVSS scores: 5.1/4.0 base metrics, MEDIUM), but no explicit details ...

5.4CVSS5.6AI score
Exploits0References3
CVE
CVE
added yesterday10 views

CVE-2026-55726

CVE-2026-55726 concerns Gardyn IoT Hub: the Azure Blob Storage container used for device logs is publicly listable without authentication, enabling access to any device log file in that container. The root cause is a misconfiguration of storage permissions, exposing logs to unauthenticated users....

6.9CVSS5.8AI score
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/02/26 10:35 p.m.4 views

CVE-2025-1242

The administrative credentials can be extracted through application API responses, mobile application reverse engineering, and device firmware reverse engineering. The exposure may result in an attacker gaining full administrative access to the Gardyn IoT Hub exposing connected devices to malicio...

9.3CVSS5.4AI score0.00438EPSS
Exploits2References1
EUVD
EUVD
added 2026/02/25 6:31 p.m.5 views

EUVD-2025-208113

The administrative credentials can be extracted through application API responses, mobile application reverse engineering, and device firmware reverse engineering. The exposure may result in an attacker gaining full administrative access to the Gardyn IoT Hub exposing connected devices to malicio...

9.3CVSS5.4AI score0.00438EPSS
Exploits2References4
NVD
NVD
added 2026/02/25 4:23 p.m.10 views

CVE-2025-1242

The administrative credentials can be extracted through application API responses, mobile application reverse engineering, and device firmware reverse engineering. The exposure may result in an attacker gaining full administrative access to the Gardyn IoT Hub exposing connected devices to malicio...

9.3CVSS0.00438EPSS
Exploits2References3
ATTACKERKB
ATTACKERKB
added 2026/02/25 3:21 p.m.3 views

CVE-2025-1242

The administrative credentials can be extracted through application API responses, mobile application reverse engineering, and device firmware reverse engineering. The exposure may result in an attacker gaining full administrative access to the Gardyn IoT Hub exposing connected devices to malicio...

9.3CVSS5.4AI score0.00438EPSS
Exploits2References4
Rows per page
Query Builder