6 matches found
EUVD-2026-12158
Philips Hue Bridge happairverifyhandler Sub-TLV Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Philips Hue Bridge. Although authentication is required to exploit th...
CVE-2026-3557
Philips Hue Bridge happairverifyhandler Sub-TLV Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Philips Hue Bridge. Although authentication is required to exploit th...
Philips Hue Bridge 安全漏洞
The Philips Hue Bridge is a smart lighting gateway device developed by the Japanese company Philips Hue. There is a security vulnerability in the Philips Hue Bridge, which stems from the lack of verification of the user data length in the happairverifyhandler function. This vulnerability may lead...
CVE-2026-3557
Philips Hue Bridge happairverifyhandler Sub-TLV Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Philips Hue Bridge. Although authentication is required to exploit th...
CVE-2026-3557
CVE-2026-3557 affects Philips Hue Bridge via the hap_pair_verify_handler in the hk_hap service (listening on TCP 8080). The flaw is a heap-based buffer overflow caused by insufficient validation of user-supplied data length during Sub-TLV parsing, enabling network-adjacent attackers to execute co...
(Pwn2Own) Philips Hue Bridge hap_pair_verify_handler Sub-TLV Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Philips Hue Bridge. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...