Lucene search
K

12 matches found

OSV
OSV
added 2018/08/27 3:29 p.m.4 views

CVE-2018-3918

An exploitable vulnerability exists in the remote servers of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The hubCore process listens on port 39500 and relays any unauthenticated messages to SmartThings' remote servers, which incorrectly handle camera IDs for the 'sync'...

7.5CVSS5.9AI score0.00989EPSS
Exploits2References1
NVD
NVD
added 2018/08/27 3:29 p.m.32 views

CVE-2018-3918

An exploitable vulnerability exists in the remote servers of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The hubCore process listens on port 39500 and relays any unauthenticated messages to SmartThings' remote servers, which incorrectly handle camera IDs for the 'sync'...

7.5CVSS6.9AI score0.00989EPSS
Exploits2References1
Prion
Prion
added 2018/08/27 3:29 p.m.20 views

Cross site request forgery (csrf)

An exploitable vulnerability exists in the remote servers of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The hubCore process listens on port 39500 and relays any unauthenticated messages to SmartThings' remote servers, which incorrectly handle camera IDs for the 'sync'...

6.4CVSS7.7AI score0.00989EPSS
Exploits2References1Affected Software1
Positive Technologies
Positive Technologies
added 2018/08/27 12:0 a.m.6 views

PT-2018-16310 · Samsung · Samsung Smartthings Hub

Name of the Vulnerable Software and Affected Versions: Samsung SmartThings Hub STH-ETH-250 version 0.20.17 Description: An issue exists in the remote servers of Samsung SmartThings Hub where the hubCore process listens on port 39500 and relays unauthenticated messages. The servers incorrectly...

7.5CVSS6.7AI score0.00989EPSS
Exploits2References3
OSV
OSV
added 2018/08/23 10:29 p.m.4 views

CVE-2018-3911

An exploitable HTTP header injection vulnerability exists in the remote servers of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The hubCore process listens on port 39500 and relays any unauthenticated message to SmartThings' remote servers, which insecurely handle JSON messages...

8.6CVSS5.8AI score0.01223EPSS
Exploits2References1
Cvelist
Cvelist
added 2018/08/23 10:0 p.m.30 views

CVE-2018-3911

An exploitable HTTP header injection vulnerability exists in the remote servers of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The hubCore process listens on port 39500 and relays any unauthenticated message to SmartThings' remote servers, which insecurely handle JSON messages...

8.6CVSS8.7AI score0.01223EPSS
Exploits2References1
Positive Technologies
Positive Technologies
added 2018/08/23 12:0 a.m.5 views

PT-2018-16303 · Samsung · Samsung Smartthings Hub

Name of the Vulnerable Software and Affected Versions: Samsung SmartThings Hub STH-ETH-250 version 0.20.17 Description: An exploitable HTTP header injection issue exists in the remote servers of the Samsung SmartThings Hub. The hubCore process listens on port 39500 and relays any unauthenticated...

8.6CVSS8.7AI score0.01223EPSS
Exploits2References2
CNVD
CNVD
added 2018/07/31 12:0 a.m.4 views

Samsung SmartThings Hub Denial of Service Vulnerability

Samsung SmartThings Hub is a smart home management device from Samsung South Korea. A denial of service vulnerability exists in the remote server in Samsung SmartThings Hub with firmware version 0.20.17, which originates when the hubCore process listening on port 39500 relays unauthenticated...

7.5CVSS6.7AI score0.00989EPSS
Exploits2References1
seebug.org
seebug.org
added 2018/07/30 12:0 a.m.567 views

Samsung SmartThings Hub hubCore port 39500 sync denial-of-service vulnerability(CVE-2018-3918)

Summary An exploitable vulnerability exists in the remote servers of Samsung SmartThings Hub. The hubCore process listens on port 39500 and relays any unauthenticated messages to SmartThings' remote servers, which incorrectly handle camera IDs for the "sync" operation, leading to arbitrary deleti...

0.2AI score0.00989EPSS
Exploits2
seebug.org
seebug.org
added 2018/07/30 12:0 a.m.566 views

Samsung SmartThings Hub hubCore Port 39500 HTTP Header Injection Vulnerability(CVE-2018-3911)

Summary An exploitable HTTP header injection vulnerability exists in the remote servers of Samsung SmartThings Hub. The hubCore process listens on port 39500 and relays any unauthenticated message to SmartThings' remote servers, which insecurely handle JSON messages, leading to partially controll...

0.5AI score0.01223EPSS
Exploits2
Talos
Talos
added 2018/07/26 12:0 a.m.80 views

Samsung SmartThings Hub hubCore port 39500 sync denial-of-service vulnerability

Summary An exploitable vulnerability exists in the remote servers of Samsung SmartThings Hub. The hubCore process listens on port 39500 and relays any unauthenticated messages to SmartThings’ remote servers, which incorrectly handle camera IDs for the “sync” operation, leading to arbitrary deleti...

7.5CVSS7AI score0.00989EPSS
Exploits2
Talos
Talos
added 2018/07/26 12:0 a.m.297 views

Samsung SmartThings Hub hubCore Port 39500 HTTP Header Injection Vulnerability

Summary An exploitable HTTP header injection vulnerability exists in the remote servers of Samsung SmartThings Hub. The hubCore process listens on port 39500 and relays any unauthenticated message to SmartThings’ remote servers, which insecurely handle JSON messages, leading to partially controll...

8.6CVSS8.6AI score0.01223EPSS
Exploits2
Rows per page
Query Builder