CVE-2018-3927

An exploitable information disclosure vulnerability exists in the crash handler of the hubCore binary of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. When hubCore crashes, Google Breakpad is used to record minidumps, which are sent over an insecure HTTPS connection to the...

CVE-2018-3927

An exploitable information disclosure vulnerability exists in the crash handler of the hubCore binary of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. When hubCore crashes, Google Breakpad is used to record minidumps, which are sent over an insecure HTTPS connection to the...

CVE-2018-3927

CVE-2018-3927 is an information-disclosure issue in the Samsung SmartThings Hub STH-ETH-250 (firmware 0.20.17) where hubCore’s crash handler uses Google Breakpad to create minidumps and transmits them to backtrace.io over an insecure TLS connection. The fixed URL HUBCORE_MINIDUMP_URL (configured ...

Samsung SmartThings Hub hubCore Google Breakpad backtrace.io information disclosure vulnerability(CVE-2018-3927)

Summary An exploitable information disclosure vulnerability exists in the crash handler of the hubCore binary of the Samsung SmartThings Hub. When hubCore crashes, Google Breakpad is used to record minidumps, which are sent over an insecure HTTPS connection to the backtrace.io service, leading to...

Samsung SmartThings Hub hubCore Google Breakpad backtrace.io information disclosure vulnerability

Summary An exploitable information disclosure vulnerability exists in the crash handler of the hubCore binary of the Samsung SmartThings Hub. When hubCore crashes, Google Breakpad is used to record minidumps, which are sent over an insecure HTTPS connection to the backtrace.io service, leading to...