CVE-2020-36905 FIBARO System Home Center 5.021 Remote File Inclusion via Proxy API

FIBARO System Home Center 5.021 contains a remote file inclusion vulnerability in the undocumented proxy API that allows attackers to include arbitrary client-side scripts. Attackers can exploit the 'url' GET parameter to inject malicious JavaScript and potentially hijack user sessions or...

FIBARO System Home Center 安全漏洞

FIBARO System Home Center is a series of smart home core central control hosts from the Polish company FIBARO. A security vulnerability exists in FIBARO System Home Center version 5.021, which stems from a remote file inclusion vulnerability in the undocumented proxy API that could lead to the...

FIBARO System Home Center 5.021 Remote File Inclusion / XSS

FIBARO System Home Center v5.021 Remote File Include XSS Vendor: FIBAR GROUP S.A. Product web page: https://www.fibaro.com Affected version: Home Center 3, Home Center 2, Home Center Lite 5.021.38 4.580 4.570 4.540 4.530 4.510 4.180 Summary: Imagine that you live in a house where everything happe...

FIBARO System Home Center 5.021 - Remote File Include

Exploit Title: FIBARO System Home Center 5.021 - Remote File Include Date: 2020-03-22 Author: LiquidWorm Vendor: https://www.fibaro.com CVE: N/A Vendor: FIBAR GROUP S.A. Product web page: https://www.fibaro.com Affected version: Home Center 3, Home Center 2, Home Center Lite 5.021.38 4.580 4.570...