Lucene search
K

4 matches found

OSV
OSV
added 2026/05/16 4:16 p.m.1 views

CVE-2021-47942

Home Assistant Community Store HACS prior to 1.10.0 contains a path traversal vulnerability that allows unauthenticated attackers to read sensitive files by traversing directories via the /hacsfiles/ endpoint. Attackers can retrieve the .storage/auth file containing user credentials and refresh...

8.7CVSS6AI score
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/16 3:28 p.m.10 views

CVE-2021-47942 Home Assistant Community Store 1.10.0 Path Traversal Account Takeover

Home Assistant Community Store HACS prior to 1.10.0 contains a path traversal vulnerability that allows unauthenticated attackers to read sensitive files by traversing directories via the /hacsfiles/ endpoint. Attackers can retrieve the .storage/auth file containing user credentials and refresh...

8.7CVSS5.8AI score0.00498EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/05/16 3:28 p.m.11 views

CVE-2021-47942

Home Assistant Community Store HACS prior to 1.10.0 contains a path traversal vulnerability that allows unauthenticated attackers to read sensitive files by traversing directories via the /hacsfiles/ endpoint. Attackers can retrieve the .storage/auth file containing user credentials and refresh...

8.7CVSS5.8AI score0.00498EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/05/16 12:0 a.m.17 views

PT-2026-41449

Name of the Vulnerable Software and Affected Versions Home Assistant Community Store HACS version 1.10.0 Description A path traversal issue allows unauthenticated attackers to read sensitive files by traversing directories via the '/hacsfiles/' endpoint. This can be used to retrieve the...

8.7CVSS5.8AI score0.00498EPSS
Exploits1References8
Rows per page
Query Builder