High

DATE	CVE	VULNERABILITY TITLE	RISK
2018-03-31	CVE-2018-9162	Missing Authentication for Critical Function vulnerability in Contec-Touch Smart Home Firmware 4.15 Contec Smart Home 4.15 devices do not require authentication for new_user.php, edit_user.php, delete_user.php, and user.php, as demonstrated by changing the admin password and then obtaining control over doors. network low complexity contec-touch CWE-306	7.5