Vulnerabilities > Homeautomation Project > Homeautomation > High

DATE CVE VULNERABILITY TITLE RISK
2021-04-27 CVE-2020-22000 OS Command Injection vulnerability in Homeautomation Project Homeautomation 3.3.2
HomeAutomation 3.3.2 suffers from an authenticated OS command execution vulnerability using custom command v0.1 plugin.
network
low complexity
homeautomation-project CWE-78
8.0
8.0
2021-04-27 CVE-2020-21989 Cross-Site Request Forgery (CSRF) vulnerability in Homeautomation Project Homeautomation 3.3.2
HomeAutomation 3.3.2 is affected by Cross Site Request Forgery (CSRF).
network
low complexity
homeautomation-project CWE-352
8.8
8.8