Vulnerabilities > Osram

DATE CVE VULNERABILITY TITLE RISK
2017-04-10 CVE-2016-5059 Information Exposure vulnerability in Osram Lightify PRO
OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 allows attackers to obtain sensitive information by reading screenshots under /private/var/mobile/Containers/Data/Application.
network
low complexity
osram CWE-200
4.0
2017-04-10 CVE-2016-5058 Improper Access Control vulnerability in Osram Lightify PRO
OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26 allows Zigbee replay.
network
low complexity
osram CWE-284
5.0
2017-04-10 CVE-2016-5057 7PK - Security Features vulnerability in Osram Lightify PRO
OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26 does not use SSL pinning.
network
low complexity
osram CWE-254
5.0
2017-04-10 CVE-2016-5056 Inadequate Encryption Strength vulnerability in Osram Lightify PRO
OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 uses only 8 hex digits for a PSK.
network
low complexity
osram CWE-326
5.0
2017-04-10 CVE-2016-5055 Cross-site Scripting vulnerability in Osram Lightify PRO
OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 has XSS in the username field and Wireless Client Mode configuration page.
network
osram CWE-79
4.3
2017-04-10 CVE-2016-5054 Improper Access Control vulnerability in Osram Lightify Home
OSRAM SYLVANIA Osram Lightify Home through 2016-07-26 allows Zigbee replay.
network
low complexity
osram CWE-284
5.0
2017-04-10 CVE-2016-5053 Missing Authentication for Critical Function vulnerability in Osram Lightify Home
OSRAM SYLVANIA Osram Lightify Home before 2016-07-26 allows remote attackers to execute arbitrary commands via TCP port 4000.
network
low complexity
osram CWE-306
7.5
2017-04-10 CVE-2016-5052 7PK - Security Features vulnerability in Osram Lightify Home
OSRAM SYLVANIA Osram Lightify Home through 2016-07-26 does not use SSL pinning.
network
low complexity
osram CWE-254
5.0
2017-04-10 CVE-2016-5051 Information Exposure vulnerability in Osram Lightify Home
OSRAM SYLVANIA Osram Lightify Home before 2016-07-26 stores a PSK in cleartext under /private/var/mobile/Containers/Data/Application.
network
low complexity
osram CWE-200
5.0