3 matches found
CVE-2023-41899 Partial Server-Side Request Forgery in Home Assistant Core
Home assistant is an open source home automation. In affected versions the hassio.addonstdin is vulnerable to a partial Server-Side Request Forgery where an attacker capable of calling this service e.g.: through GHSA-h2jp-7grc-9xpp may be able to invoke any Supervisor REST API endpoints with a PO...
CVE-2023-41899
Home Assistant Core vulnerability CVE-2023-41899: a partial SSRF in the hassio.addon_stdin service allows an attacker who can call that service (e.g., via GHSA-h2jp-7grc-9xpp) to invoke any Supervisor REST API endpoints through a POST request. An exploited attacker can control the data dictionary...
CVE-2023-41899 Partial Server-Side Request Forgery in Home Assistant Core
Home assistant is an open source home automation. In affected versions the hassio.addonstdin is vulnerable to a partial Server-Side Request Forgery where an attacker capable of calling this service e.g.: through GHSA-h2jp-7grc-9xpp may be able to invoke any Supervisor REST API endpoints with a PO...