An exploitable HTTP header injection vulnerability exists in the remote servers of Samsung SmartThings Hub STH-ETH-250 – Firmware version 0.20.17. The hubCore process listens on port 39500 and relays any unauthenticated message to SmartThings’...
An exploitable vulnerability exists in the REST parser of video-core’s HTTP server of the Samsung SmartThings Hub STH-ETH-250 – Firmware version 0.20.17. The video-core process incorrectly handles pipelined HTTP requests, which allows successive requests...
An exploitable vulnerability exists in the REST parser of video-core’s HTTP server of the Samsung SmartThings Hub STH-ETH-250 – Firmware version 0.20.17. The video-core process incorrectly handles pipelined HTTP requests, which allows successive requests...
An exploitable buffer overflow vulnerability exists in the camera "create" feature of video-core’s HTTP server of Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17. The video-core process incorrectly extracts the "state" field from...
On Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17, the video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the stack. An attacker can send an...
An exploitable buffer overflow vulnerability exists in the camera "replace" feature of video-core’s HTTP server of Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17. The video-core process incorrectly extracts the URL field from...
An exploitable stack-based buffer overflow vulnerability exists in the database ‘find-by-cameraId’ functionality of video-core’s HTTP server of Samsung SmartThings Hub STH-ETH-250 – Firmware version 0.20.17. The video-core process incorrectly handles existing records inside its...
An exploitable JSON injection vulnerability exists in the credentials handler of video-core’s HTTP server of Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17. The video-core process incorrectly parses the user-controlled JSON payload, leading...
Multiple exploitable buffer overflow vulnerabilities exist in the credentials handler of video-core’s HTTP server of Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17. The video-core process incorrectly extracts fields from a user-controlled JSON...
An exploitable buffer overflow vulnerability exists in the credentials handler of video-core’s HTTP server of Samsung SmartThings Hub STH-ETH-250 – Firmware version 0.20.17. The video-core process incorrectly extracts the videoHostUrl field from a user-controlled...
An exploitable stack-based buffer overflow vulnerability exists in the samsungWifiScan callback notification of video-core’s HTTP server of Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17. The video-core process incorrectly handles the answer received...
An exploitable buffer overflow vulnerability exists in the samsungWifiScan handler of video-core’s HTTP server of Samsung SmartThings Hub STH-ETH-250 – Firmware version 0.20.17. The video-core process incorrectly extracts fields from a user-controlled JSON payload,...
On Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17, the video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the stack. An attacker can send an...
An exploitable vulnerability exists in the smart cameras RTSP configuration of the Samsung SmartThings Hub STH-ETH-250 – Firmware version 0.20.17. The device incorrectly handles spaces in the URL field, leading to an arbitrary operating...