Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Prion
Prionadded 2018/12/20 9:29 p.m.10 views

Command injection

The Logitech Harmony Hub before version 4.15.206 is vulnerable to application level command injection via crafted HTTP request. An unauthenticated remote attacker can leverage this vulnerability to execute application defined commands e.g. harmony.system?systeminfo...

7.5CVSS9.8AI score0.03699EPSS
Exploits1References1Affected Software1
NVD
NVDadded 2018/12/20 9:29 p.m.11 views

CVE-2018-15723

The Logitech Harmony Hub before version 4.15.206 is vulnerable to application level command injection via crafted HTTP request. An unauthenticated remote attacker can leverage this vulnerability to execute application defined commands e.g. harmony.system?systeminfo...

9.8CVSS10AI score0.03699EPSS
Exploits1References1
Cvelist
Cvelistadded 2018/12/20 9:0 p.m.17 views

CVE-2018-15723

The Logitech Harmony Hub before version 4.15.206 is vulnerable to application level command injection via crafted HTTP request. An unauthenticated remote attacker can leverage this vulnerability to execute application defined commands e.g. harmony.system?systeminfo...

10AI score0.03699EPSS
Exploits1References1
CVE
CVEadded 2018/12/20 9:0 p.m.37 views

CVE-2018-15723

The Logitech Harmony Hub is affected by CVE-2018-15723, with the vulnerability present in versions prior to 4.15.206. It is an application‑level command injection vulnerability exploitable via a crafted HTTP request, allowing an unauthenticated remote attacker to execute application defined comma...

9.8CVSS9.9AI score0.03699EPSS
Exploits1References1Affected Software1
CVE
CVEadded 2018/12/20 9:0 p.m.38 views

CVE-2018-15720

Affected product: Logitech Harmony Hub. Vulnerability: hard-coded XMPP accounts in the hub’s XMPP server allow remote, unauthenticated access to the local API. Root cause: exposed credentials baked into the firmware prior to 4.15.206. Impact: potential remote control of the hub APIs; effect on co...

9.8CVSS9AI score0.01495EPSS
Exploits1References1Affected Software1
CVE
CVEadded 2018/12/20 9:0 p.m.41 views

CVE-2018-15721

CVE-2018-15721 affects Logitech Harmony Hub, where the XMPP server before 4.15.206 allows authentication bypass via a crafted XMPP request, enabling remote, unauthenticated access to the device’s local API. Connected sources confirm the vulnerability enables full control of the hub, with attacker...

9.8CVSS9.2AI score0.01825EPSS
Exploits1References1Affected Software1
CVE
CVEadded 2018/12/20 9:0 p.m.38 views

CVE-2018-15722

CVE-2018-15722 affects the Logitech Harmony Hub prior to version 4.15.206, where an OS command injection vulnerability exists via the time update request. A remote attacker can inject shell commands by sending a crafted response to the time synchronization flow, enabling remote unauthenticated co...

9.3CVSS8.3AI score0.01643EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder