Vulnerabilities > Logitech > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-08-25 CVE-2024-8011 Incorrect Authorization vulnerability in Logitech Options+
Logitech Options+ on MacOS prior 1.72 allows a local attacker to inject dynamic library within Options+ runtime and abuse permissions granted by the user to Options+ such as Camera.
local
low complexity
logitech CWE-863
5.5
2021-08-11 CVE-2021-38547 Unspecified vulnerability in Logitech S120 Firmware and Z120 Firmware
Logitech Z120 and S120 speakers through 2021-08-09 allow remote attackers to recover speech signals from an LED on the device, via a telescope and an electro-optical sensor, aka a "Glowworm" attack.
network
high complexity
logitech
5.9
2021-02-12 CVE-2021-20642 Unspecified vulnerability in Logitech Lan-W300N/Rs Firmware
Improper check or handling of exceptional conditions in LOGITEC LAN-W300N/RS allows a remote attacker to cause a denial-of-service (DoS) condition by sending a specially crafted URL.
network
low complexity
logitech
6.5
2021-02-12 CVE-2021-20641 Cross-Site Request Forgery (CSRF) vulnerability in Logitech Lan-W300N/Rs Firmware
Cross-site request forgery (CSRF) vulnerability in LOGITEC LAN-W300N/RS allows remote attackers to hijack the authentication of administrators via a specially crafted URL.
network
low complexity
logitech CWE-352
6.5
2021-02-12 CVE-2021-20640 Classic Buffer Overflow vulnerability in Logitech Lan-W300N/Pgrb Firmware
Buffer overflow vulnerability in LOGITEC LAN-W300N/PGRB allows an attacker with administrative privilege to execute an arbitrary OS command via unspecified vectors.
low complexity
logitech CWE-120
6.8
2021-02-12 CVE-2021-20639 OS Command Injection vulnerability in Logitech Lan-W300N/Pgrb Firmware
LOGITEC LAN-W300N/PGRB allows an attacker with administrative privilege to execute arbitrary OS commands via unspecified vectors.
low complexity
logitech CWE-78
6.8
2021-02-12 CVE-2021-20638 OS Command Injection vulnerability in Logitech Lan-W300N/Pgrb Firmware
LOGITEC LAN-W300N/PGRB allows an attacker with administrative privilege to execute arbitrary OS commands via unspecified vectors.
low complexity
logitech CWE-78
6.8
2021-02-12 CVE-2021-20637 Unspecified vulnerability in Logitech Lan-W300N/Pr5B Firmware
Improper check or handling of exceptional conditions in LOGITEC LAN-W300N/PR5B allows a remote attacker to cause a denial-of-service (DoS) condition by sending a specially crafted URL.
network
low complexity
logitech
6.5
2021-02-12 CVE-2021-20636 Cross-Site Request Forgery (CSRF) vulnerability in Logitech Lan-W300N/Pr5B Firmware
Cross-site request forgery (CSRF) vulnerability in LOGITEC LAN-W300N/PR5B allows remote attackers to hijack the authentication of administrators via a specially crafted URL.
network
low complexity
logitech CWE-352
6.5
2021-02-12 CVE-2021-20635 Improper Restriction of Excessive Authentication Attempts vulnerability in Logitech Lan-Wh450N/Gr Firmware
Improper restriction of excessive authentication attempts in LOGITEC LAN-WH450N/GR allows an attacker in the wireless range of the device to recover PIN and access the network.
low complexity
logitech CWE-307
6.5