Show filters
19 Total Results
Displaying 11-19 of 19
Sort by:
Attacker Value
Unknown

CVE-2022-39864

Disclosure Date: October 07, 2022 (last updated October 08, 2023)
Improper access control vulnerability in WifiSetupLaunchHelper in SmartThings prior to version 1.7.89.25 allows attackers to access sensitive information via implicit intent.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-30749

Disclosure Date: June 07, 2022 (last updated October 07, 2023)
Improper access control vulnerability in Smart Things prior to 1.7.85.25 allows local attackers to add arbitrary smart devices by bypassing login activity.
Attack Vector: LocalPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-30747

Disclosure Date: June 07, 2022 (last updated October 07, 2023)
PendingIntent hijacking vulnerability in Smart Things prior to 1.7.85.25 allows local attackers to access files without permission via implicit Intent.
Attack Vector: LocalPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-30746

Disclosure Date: June 07, 2022 (last updated October 07, 2023)
Missing caller check in Smart Things prior to version 1.7.85.12 allows attacker to access senstive information remotely using javascript interface API.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2021-25508

Disclosure Date: November 05, 2021 (last updated November 28, 2024)
Improper privilege management vulnerability in API Key used in SmartThings prior to 1.7.73.22 allows an attacker to abuse the API key without limitation.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2021-25446

Disclosure Date: August 05, 2021 (last updated November 28, 2024)
Improper access control vulnerability in SmartThings prior to version 1.7.67.25 allows untrusted applications to cause arbitrary webpage loading in webview.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2021-25447

Disclosure Date: August 05, 2021 (last updated November 28, 2024)
Improper access control vulnerability in SmartThings prior to version 1.7.67.25 allows untrusted applications to cause local file inclusion in webview.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2021-25404

Disclosure Date: June 11, 2021 (last updated February 22, 2025)
Information Exposure vulnerability in SmartThings prior to version 1.7.64.21 allows attacker to access user information via log.
Attack Vector: LocalPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2021-25378

Disclosure Date: April 09, 2021 (last updated February 22, 2025)
Improper access control of certain port in SmartThings prior to version 1.7.63.6 allows remote temporary denial of service.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
View More Topics  < Previous