Vulnerabilities > Logitech > Harmony HUB
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-12-20 | CVE-2018-15723 | Unspecified vulnerability in Logitech Harmony HUB Firmware The Logitech Harmony Hub before version 4.15.206 is vulnerable to application level command injection via crafted HTTP request. | 7.5 |
2018-12-20 | CVE-2018-15722 | OS Command Injection vulnerability in Logitech Harmony HUB Firmware The Logitech Harmony Hub before version 4.15.206 is vulnerable to OS command injection via the time update request. | 9.3 |
2018-12-20 | CVE-2018-15721 | Improper Authentication vulnerability in Logitech Harmony HUB Firmware The XMPP server in Logitech Harmony Hub before version 4.15.206 is vulnerable to authentication bypass via a crafted XMPP request. | 7.5 |
2018-12-20 | CVE-2018-15720 | Use of Hard-coded Credentials vulnerability in Logitech Harmony HUB Firmware Logitech Harmony Hub before version 4.15.206 contained two hard-coded accounts in the XMPP server that gave remote users access to the local API. | 7.5 |