9 matches found
CVE-2026-1201
An Authorization Bypass Through User-Controlled Key vulnerability in Hubitat Elevation home automation controllers prior to version 2.4.2.157 could allow a remote authenticated user to control connected devices outside of their authorized scope via client-side request manipulation...
EUVD-2026-4204
An Authorization Bypass Through User-Controlled Key vulnerability in Hubitat Elevation home automation controllers prior to version 2.4.2.157 could allow a remote authenticated user to control connected devices outside of their authorized scope via client-side request manipulation...
CVE-2026-1201
An Authorization Bypass Through User-Controlled Key vulnerability in Hubitat Elevation home automation controllers prior to version 2.4.2.157 could allow a remote authenticated user to control connected devices outside of their authorized scope via client-side request manipulation...
CVE-2026-1201 Authorization Bypass Through User-Controlled Key in Hubitat Elevation Hubs
An Authorization Bypass Through User-Controlled Key vulnerability in Hubitat Elevation home automation controllers prior to version 2.4.2.157 could allow a remote authenticated user to control connected devices outside of their authorized scope via client-side request manipulation...
CVE-2026-1201
An Authorization Bypass Through User-Controlled Key vulnerability in Hubitat Elevation home automation controllers prior to version 2.4.2.157 could allow a remote authenticated user to control connected devices outside of their authorized scope via client-side request manipulation...
CVE-2026-1201 Authorization Bypass Through User-Controlled Key in Hubitat Elevation Hubs
An Authorization Bypass Through User-Controlled Key vulnerability in Hubitat Elevation home automation controllers prior to version 2.4.2.157 could allow a remote authenticated user to control connected devices outside of their authorized scope via client-side request manipulation...
CVE-2026-1201
CVE-2026-1201 affects Hubitat Elevation hubs (pre-2.4.2.157). Root cause: an authorization bypass via user-controlled key that enables a remote authenticated user to manipulate client-side requests and control devices outside their authorized scope. Public documents from Red Hat and PT Security c...
PT-2026-4286
Name of the Vulnerable Software and Affected Versions Hubitat Elevation versions prior to 2.4.2.157 Description A flaw exists in Hubitat Elevation home automation controllers that allows a remote authenticated user to control connected devices outside of their authorized scope. This is possible...
Hubitat Elevation security vulnerability
Hubitat Elevation is a localized smart home control system developed by Hubitat Inc. Versions prior to Hubitat Elevation 2.4.2.157 contained security vulnerabilities. These vulnerabilities were caused by user-controllable keys that allowed unauthorized access, potentially allowing remote...