CVE-2018-3908
CVE-2018-3908 affects Samsung SmartThings Hub STH-ETH-250 firmware 0.20.17, where the video-core HTTP server’s restful parser mishandles pipelined HTTP requests. The on_body callback can cause successive requests to overwrite the previously parsed HTTP method, URL and body, enabling an attacker t...