Vulnerabilities > Logitech
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-06-07 | CVE-2019-12506 | Cleartext Transmission of Sensitive Information vulnerability in Logitech R700 Laser Presentation Remote Firmware Wd802Xm/Wd904Xm Due to unencrypted and unauthenticated data communication, the wireless presenter Logitech R700 Laser Presentation Remote R-R0010 is prone to keystroke injection attacks. | 8.8 |
| 2018-12-20 | CVE-2018-15723 | Unspecified vulnerability in Logitech Harmony HUB Firmware The Logitech Harmony Hub before version 4.15.206 is vulnerable to application level command injection via crafted HTTP request. | 9.8 |
| 2018-12-20 | CVE-2018-15722 | OS Command Injection vulnerability in Logitech Harmony HUB Firmware The Logitech Harmony Hub before version 4.15.206 is vulnerable to OS command injection via the time update request. | 8.1 |
| 2018-12-20 | CVE-2018-15721 | Improper Authentication vulnerability in Logitech Harmony HUB Firmware The XMPP server in Logitech Harmony Hub before version 4.15.206 is vulnerable to authentication bypass via a crafted XMPP request. | 9.8 |
| 2018-12-20 | CVE-2018-15720 | Use of Hard-coded Credentials vulnerability in Logitech Harmony HUB Firmware Logitech Harmony Hub before version 4.15.206 contained two hard-coded accounts in the XMPP server that gave remote users access to the local API. | 9.8 |
| 2018-07-26 | CVE-2018-0621 | Untrusted Search Path vulnerability in Logitech Connection Utility Software 2.00.3/2.20.28/2.30.6 Untrusted search path vulnerability in LOGICOOL CONNECTION UTILITY SOFTWARE versions before 2.30.9 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 7.8 |
| 2018-07-26 | CVE-2018-0620 | Untrusted Search Path vulnerability in Logitech Game Software Untrusted search path vulnerability in LOGICOOL Game Software versions before 8.87.116 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 7.8 |
| 2017-11-10 | CVE-2017-16568 | Cross-site Scripting vulnerability in Logitech Media Server 7.9.0 Persistent Cross-Site Scripting (XSS) vulnerability in Logitech Media Server 7.9.0, affecting the "Radio" functionality. | 5.4 |
| 2017-11-10 | CVE-2017-16567 | Cross-site Scripting vulnerability in Logitech Media Server 7.9.0 Persistent Cross-Site Scripting (XSS) vulnerability in Logitech Media Server 7.9.0, affecting the "Favorites" feature. | 5.4 |
| 2017-10-23 | CVE-2017-15687 | Cross-site Scripting vulnerability in Logitech Media Server DOM Based Cross Site Scripting (XSS) exists in Logitech Media Server 7.7.1, 7.7.2, 7.7.3, 7.7.5, 7.7.6, 7.9.0, and 7.9.1 via a crafted URI. | 6.1 |