Vulnerabilities > Osram
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-04-10 | CVE-2016-5059 | Information Exposure vulnerability in Osram Lightify PRO OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 allows attackers to obtain sensitive information by reading screenshots under /private/var/mobile/Containers/Data/Application. | 6.5 |
2017-04-10 | CVE-2016-5058 | Improper Access Control vulnerability in Osram Lightify PRO OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26 allows Zigbee replay. | 7.5 |
2017-04-10 | CVE-2016-5057 | 7PK - Security Features vulnerability in Osram Lightify PRO OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26 does not use SSL pinning. | 7.5 |
2017-04-10 | CVE-2016-5056 | Inadequate Encryption Strength vulnerability in Osram Lightify PRO OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 uses only 8 hex digits for a PSK. | 7.5 |
2017-04-10 | CVE-2016-5055 | Cross-site Scripting vulnerability in Osram Lightify PRO OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 has XSS in the username field and Wireless Client Mode configuration page. | 6.1 |
2017-04-10 | CVE-2016-5054 | Improper Access Control vulnerability in Osram Lightify Home 1.6.1 OSRAM SYLVANIA Osram Lightify Home through 2016-07-26 allows Zigbee replay. | 7.5 |
2017-04-10 | CVE-2016-5053 | Missing Authentication for Critical Function vulnerability in Osram Lightify Home 1.6.1 OSRAM SYLVANIA Osram Lightify Home before 2016-07-26 allows remote attackers to execute arbitrary commands via TCP port 4000. | 9.8 |
2017-04-10 | CVE-2016-5052 | 7PK - Security Features vulnerability in Osram Lightify Home 1.6.1 OSRAM SYLVANIA Osram Lightify Home through 2016-07-26 does not use SSL pinning. | 7.5 |
2017-04-10 | CVE-2016-5051 | Information Exposure vulnerability in Osram Lightify Home 1.6.1 OSRAM SYLVANIA Osram Lightify Home before 2016-07-26 stores a PSK in cleartext under /private/var/mobile/Containers/Data/Application. | 7.5 |