54 matches found
CVE-2020-36905
FIBARO System Home Center 5.021 contains a remote file inclusion vulnerability in the undocumented proxy API that allows attackers to include arbitrary client-side scripts. Attackers can exploit the 'url' GET parameter to inject malicious JavaScript and potentially hijack user sessions or...
CVE-2020-36905 FIBARO System Home Center 5.021 Remote File Inclusion via Proxy API
FIBARO System Home Center 5.021 contains a remote file inclusion vulnerability in the undocumented proxy API that allows attackers to include arbitrary client-side scripts. Attackers can exploit the 'url' GET parameter to inject malicious JavaScript and potentially hijack user sessions or...
CVE-2020-36905
CVE-2020-36905 affects FIBARO System Home Center 5.021. A remote file inclusion vulnerability exists in the undocumented proxy API that allows an attacker to include arbitrary client-side scripts by abusing the GET parameter “url,” enabling injection of malicious JavaScript and potentially hijack...
CVE-2020-36905 FIBARO System Home Center 5.021 Remote File Inclusion via Proxy API
FIBARO System Home Center 5.021 contains a remote file inclusion vulnerability in the undocumented proxy API that allows attackers to include arbitrary client-side scripts. Attackers can exploit the 'url' GET parameter to inject malicious JavaScript and potentially hijack user sessions or...
FIBARO System Home Center 安全漏洞
FIBARO System Home Center is a series of smart home core central control hosts from the Polish company FIBARO. A security vulnerability exists in FIBARO System Home Center version 5.021, which stems from a remote file inclusion vulnerability in the undocumented proxy API that could lead to the...
PT-2026-1440
FIBARO System Home Center 5.021 contains a remote file inclusion vulnerability in the undocumented proxy API that allows attackers to include arbitrary client-side scripts. Attackers can exploit the 'url' GET parameter to inject malicious JavaScript and potentially hijack user sessions or...
EUVD-2021-8401
Malicious code in bioql PyPI...
EUVD-2021-8398
Malicious code in bioql PyPI...
EUVD-2023-38652
Malicious code in bioql PyPI...
EUVD-2021-8399
Malicious code in bioql PyPI...
CVE-2023-34597
A vulnerability in Fibaro Motion Sensor firmware v3.4 allows attackers to cause a Denial of Service DoS via a crafted Z-Wave message...
CVE-2023-34597
A vulnerability in Fibaro Motion Sensor firmware v3.4 allows attackers to cause a Denial of Service DoS via a crafted Z-Wave message...
CVE-2023-34597
A vulnerability in Fibaro Motion Sensor firmware v3.4 allows attackers to cause a Denial of Service DoS via a crafted Z-Wave message...
CVE-2023-34597
A vulnerability in Fibaro Motion Sensor firmware v3.4 allows attackers to cause a Denial of Service DoS via a crafted Z-Wave message...
CVE-2023-34597
CVE-2023-34597 affects Fibaro Motion Sensor firmware version 3.4. The vulnerability allows an attacker to cause a Denial of Service via a crafted Z-Wave message. Documented impact: availability impact high (DoS) with attack vector Adjacent and no privileges/UI required. The NVD/NVD-derived metric...
Fibaro Motion Sensor 安全漏洞
Fibaro Motion Sensor is a wireless motion sensor from the Polish company Fibaro. A security vulnerability exists in Fibaro Motion Sensor version v3.4 that stems from allowing an attacker to cause a denial of service DoS via a crafted Z-Wave message...
PT-2023-24938 · Fibaro · Fibaro Motion Sensor
Name of the Vulnerable Software and Affected Versions: Fibaro Motion Sensor version 3.4 Description: A Denial of Service DoS issue exists, allowing attackers to cause a disruption via a crafted Z-Wave message. Recommendations: For Fibaro Motion Sensor version 3.4, update the firmware to a version...
Fibaro Home Center MITM / Missing Authentication / Code Execution Vulnerabilities
Fibaro Home Center Light and Fibaro Home Center 2 versions 4.600 and below suffer from man-in-the-middle, missing authentication, remote command execution, and missing encryption vulnerabilities. Fibaro Home Center MITM / Missing Authentication / Code Execution Vendor description:...
Fibaro Home Center MITM / Missing Authentication / Code Execution
IoT Inspector Research Lab Advisory IOT-20210408-0 title: Multiple vulnerabilities vendor/product: Fibaro Home Center Light / Fibaro Home Center 2 https://www.fibaro.com/ vulnerable version: 4.600 and older fixed version: 4.610 CVE number: CVE-2021-20989, CVE-2021-20990, CVE-2021-20991,...
CVE-2021-20991
In Fibaro Home Center 2 and Lite devices with firmware version 4.540 and older an authenticated user can run commands as root user using a command injection vulnerability...