Lucene search
+L

4 matches found

redhatcve
redhatcve
added 2025/05/23 4:42 a.m.8 views

CVE-2023-41894

Home assistant is an open source home automation. The assessment verified that webhooks available in the webhook component are triggerable via the .ui.nabu.casa URL without authentication, even when the webhook is marked as Only accessible from the local network. This issue is facilitated by the...

5.3CVSS6.5AI score0.00423EPSS
Exploits0
nvd
nvd
added 2023/10/20 12:15 a.m.26 views

CVE-2023-41894

Home assistant is an open source home automation. The assessment verified that webhooks available in the webhook component are triggerable via the .ui.nabu.casa URL without authentication, even when the webhook is marked as Only accessible from the local network. This issue is facilitated by the...

5.3CVSS5.1AI score0.00423EPSS
Exploits0References2
cve
cve
added 2023/10/19 11:23 p.m.81 views

CVE-2023-41894

CVE-2023-41894 affects Home Assistant Core. The webhook component can be triggered via the *.ui.nabu.casa URL without authentication, due to SniTun forwarding from public URL to localhost (127.0.0.1). This enables local-webhook exposure despite “Only accessible from the local network” setting. Im...

5.3CVSS5AI score0.00423EPSS
Exploits0References2Affected Software1
vulnrichment
vulnrichment
added 2023/10/19 11:23 p.m.17 views

CVE-2023-41894 Local-only webhooks externally accessible via SniTun in Home Assistant Core

Home assistant is an open source home automation. The assessment verified that webhooks available in the webhook component are triggerable via the .ui.nabu.casa URL without authentication, even when the webhook is marked as Only accessible from the local network. This issue is facilitated by the...

5.3CVSS6.5AI score0.00423EPSS
Exploits0References2
Rows per page
Query Builder