384 matches found
Logitech SqueezeCenter/Media Server Detection Consolidation
Consolidation of Logitech SqueezeCenter/Media Server detections. Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...
Logitech SqueezeCenter/Media Server Detection (SlimProto TCP)
Detection of a Logitech SqueezeCenter/Media Server via SlimProto TCP. This script sends a SlimProto TCP SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
Logitech SqueezeCenter/Media Server Detection (UDP)
Detection of a Logitech SqueezeCenter/Media Server via UDP. This script sends an UDP discovery request to the target and tries to get the version from the response. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C b...
The vulnerability of the Logitech Options peripheral control utility allows a hacker to execute arbitrary commands.
The vulnerability of the Logitech Options peripheral control utility lies in the lack of restrictions on the number of authentication attempts made through the WebSocket server. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands using a specially crafted web page...
Logitech Harmony Hub OS Command Injection Vulnerability
Logitech Harmony Hub is a remote control device from Logitech USA. An operating system command injection vulnerability exists in Logitech Harmony Hub versions prior to 4.15.206, which can be exploited by an attacker to inject operating system commands by sending a time update request...
Logitech Harmony Hub Command Injection Vulnerability
Logitech Harmony Hub is a remote control device from Logitech USA. A command injection vulnerability exists in Logitech Harmony Hub versions prior to 4.15.206, which can be exploited by a remote attacker to execute application-defined commands e.g., harmony.system?systeminfo by sending a speciall...
CVE-2018-15721
The XMPP server in Logitech Harmony Hub before version 4.15.206 is vulnerable to authentication bypass via a crafted XMPP request. Remote attackers can use this vulnerability to gain access to the local API...
CVE-2018-15723
The Logitech Harmony Hub before version 4.15.206 is vulnerable to application level command injection via crafted HTTP request. An unauthenticated remote attacker can leverage this vulnerability to execute application defined commands e.g. harmony.system?systeminfo...
CVE-2018-15722
The Logitech Harmony Hub before version 4.15.206 is vulnerable to OS command injection via the time update request. A remote server or man in the middle can inject OS commands with a properly formatted response...
Authentication flaw
The XMPP server in Logitech Harmony Hub before version 4.15.206 is vulnerable to authentication bypass via a crafted XMPP request. Remote attackers can use this vulnerability to gain access to the local API...
CVE-2018-15721
The XMPP server in Logitech Harmony Hub before version 4.15.206 is vulnerable to authentication bypass via a crafted XMPP request. Remote attackers can use this vulnerability to gain access to the local API...
CVE-2018-15720
Logitech Harmony Hub before version 4.15.206 contained two hard-coded accounts in the XMPP server that gave remote users access to the local API...
CVE-2018-15720
Logitech Harmony Hub before version 4.15.206 contained two hard-coded accounts in the XMPP server that gave remote users access to the local API...
Hardcoded credentials
Logitech Harmony Hub before version 4.15.206 contained two hard-coded accounts in the XMPP server that gave remote users access to the local API...
CVE-2018-15723
The Logitech Harmony Hub before version 4.15.206 is vulnerable to application level command injection via crafted HTTP request. An unauthenticated remote attacker can leverage this vulnerability to execute application defined commands e.g. harmony.system?systeminfo...
Command injection
The Logitech Harmony Hub before version 4.15.206 is vulnerable to application level command injection via crafted HTTP request. An unauthenticated remote attacker can leverage this vulnerability to execute application defined commands e.g. harmony.system?systeminfo...
Command injection
The Logitech Harmony Hub before version 4.15.206 is vulnerable to OS command injection via the time update request. A remote server or man in the middle can inject OS commands with a properly formatted response...
CVE-2018-15723
The Logitech Harmony Hub before version 4.15.206 is vulnerable to application level command injection via crafted HTTP request. An unauthenticated remote attacker can leverage this vulnerability to execute application defined commands e.g. harmony.system?systeminfo...
CVE-2018-15722
The Logitech Harmony Hub before version 4.15.206 is vulnerable to OS command injection via the time update request. A remote server or man in the middle can inject OS commands with a properly formatted response...
CVE-2018-15723
The Logitech Harmony Hub is affected by CVE-2018-15723, with the vulnerability present in versions prior to 4.15.206. It is an application‑level command injection vulnerability exploitable via a crafted HTTP request, allowing an unauthenticated remote attacker to execute application defined comma...