Risk: High
Patch available: Yes
Number of vulnerabilities: 40
CVE-ID: CVE-2018-3856 CVE-2018-3863 CVE-2018-3864 CVE-2018-3865 CVE-2018-3866 CVE-2018-3867 CVE-2018-3872 CVE-2018-3873 CVE-2018-3874 CVE-2018-3875 CVE-2018-3876 CVE-2018-3877 CVE-2018-3878 CVE-2018-3879 CVE-2018-3880 CVE-2018-3893 CVE-2018-3894 CVE-2018-3895 CVE-2018-3896 CVE-2018-3897 CVE-2018-3902 CVE-2018-3903 CVE-2018-3904 CVE-2018-3905 CVE-2018-3906 CVE-2018-3907 CVE-2018-3908 CVE-2018-3909 CVE-2018-3911 CVE-2018-3912 CVE-2018-3913 CVE-2018-3914 CVE-2018-3915 CVE-2018-3916 CVE-2018-3917 CVE-2018-3918 CVE-2018-3919 CVE-2018-3925 CVE-2018-3926 CVE-2018-3927
CWE-ID: CWE-77 CWE-121 CWE-89 CWE-20 CWE-113 CWE-122 CWE-835 CWE-191 CWE-200
Exploitation vector: Network
Public exploit: N/A
Vulnerable software: SmartThings Hub STH-ETH-250 (Hardware solutions / Firmware)
Vendor: Samsung
Security Bulletin
This security bulletin contains information about 40 vulnerabilities.
EUVDB-ID: #VU14063
Risk: Low
CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-3856
CWE-ID:
CWE-77 - Command injection
Exploit availability: No
Description: The vulnerability allows a remote attacker to execute arbitrary commands on the target system (command injection, CWE-77). See the Talos report linked below for details.
Mitigation: Install update from vendor's website.
Vulnerable software versions: SmartThings Hub STH-ETH-250: 0.20.17
External links: http://www.talosintelligence.com/reports/TALOS-2018-0539/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU14064
Risk: High
CVSSv3.1: 8.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-3863
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system (stack-based buffer overflow, CWE-121). See the Talos report linked below for details.
Mitigation: Install update from vendor's website.
Vulnerable software versions: SmartThings Hub STH-ETH-250: 0.20.17
External links: http://www.talosintelligence.com/reports/TALOS-2018-0548/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU14065
Risk: High
CVSSv3.1: 8.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-3864
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system (stack-based buffer overflow, CWE-121). See the Talos report linked below for details.
Mitigation: Install update from vendor's website.
Vulnerable software versions: SmartThings Hub STH-ETH-250: 0.20.17
External links: http://www.talosintelligence.com/reports/TALOS-2018-0548/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU14066
Risk: High
CVSSv3.1: 8.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-3865
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system (stack-based buffer overflow, CWE-121). See the Talos report linked below for details.
Mitigation: Install update from vendor's website.
Vulnerable software versions: SmartThings Hub STH-ETH-250: 0.20.17
External links: http://www.talosintelligence.com/reports/TALOS-2018-0548/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU14067
Risk: High
CVSSv3.1: 8.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-3866
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system (stack-based buffer overflow, CWE-121). See the Talos report linked below for details.
Mitigation: Install update from vendor's website.
Vulnerable software versions: SmartThings Hub STH-ETH-250: 0.20.17
External links: http://www.talosintelligence.com/reports/TALOS-2018-0548/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU14068
Risk: High
CVSSv3.1: 8.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-3867
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists in video-core's HTTP server in the Samsung SmartThings Hub due to incorrect handling of the answer received from a smart camera. A remote attacker can send a series of specially crafted HTTP requests, trigger a stack-based buffer overflow and execute arbitrary code with elevated privileges.
Mitigation: Install update from vendor's website.
Vulnerable software versions: SmartThings Hub STH-ETH-250: 0.20.17
External links: http://www.talosintelligence.com/reports/TALOS-2018-0549/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU14069
Risk: High
CVSSv3.1: 8.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-3872
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists in the credentials handler of video-core's HTTP server in the Samsung SmartThings Hub due to incorrect extraction of the videoHostUrl field from a user-controlled JSON payload. A remote attacker can send a specially crafted HTTP request, trigger a stack-based buffer overflow and execute arbitrary code with elevated privileges.
Mitigation: Install update from vendor's website.
Vulnerable software versions: SmartThings Hub STH-ETH-250: 0.20.17
External links: http://www.talosintelligence.com/reports/TALOS-2018-0554/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU14070
Risk: High
CVSSv3.1: 8.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-3873
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists in the credentials handler of video-core's HTTP server in the Samsung SmartThings Hub due to incorrect extraction of fields from a user-controlled JSON payload. A remote attacker can send a specially crafted HTTP request, trigger a stack-based buffer overflow and execute arbitrary code with elevated privileges.
Mitigation: Install update from vendor's website.
Vulnerable software versions: SmartThings Hub STH-ETH-250: 0.20.17
External links: http://www.talosintelligence.com/reports/TALOS-2018-0555/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU14071
Risk: High
CVSSv3.1: 8.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-3874
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists in the credentials handler of video-core's HTTP server in the Samsung SmartThings Hub due to incorrect extraction of fields from a user-controlled JSON payload. A remote attacker can send a specially crafted HTTP request, trigger a stack-based buffer overflow and execute arbitrary code with elevated privileges.
Mitigation: Install update from vendor's website.
Vulnerable software versions: SmartThings Hub STH-ETH-250: 0.20.17
External links: http://www.talosintelligence.com/reports/TALOS-2018-0555/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU14072
Risk: High
CVSSv3.1: 8.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-3875
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists in the credentials handler of video-core's HTTP server in the Samsung SmartThings Hub due to incorrect extraction of fields from a user-controlled JSON payload. A remote attacker can send a specially crafted HTTP request, trigger a stack-based buffer overflow and execute arbitrary code with elevated privileges.
Mitigation: Install update from vendor's website.
Vulnerable software versions: SmartThings Hub STH-ETH-250: 0.20.17
External links: http://www.talosintelligence.com/reports/TALOS-2018-0555/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU14073
Risk: High
CVSSv3.1: 8.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-3876
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists in the credentials handler of video-core's HTTP server in the Samsung SmartThings Hub due to incorrect extraction of fields from a user-controlled JSON payload. A remote attacker can send a specially crafted HTTP request, trigger a stack-based buffer overflow and execute arbitrary code with elevated privileges.
Mitigation: Install update from vendor's website.
Vulnerable software versions: SmartThings Hub STH-ETH-250: 0.20.17
External links: http://www.talosintelligence.com/reports/TALOS-2018-0555/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU14074
Risk: High
CVSSv3.1: 8.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-3877
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists in the credentials handler of video-core's HTTP server in the Samsung SmartThings Hub due to incorrect extraction of fields from a user-controlled JSON payload. A remote attacker can send a specially crafted HTTP request, trigger a stack-based buffer overflow and execute arbitrary code with elevated privileges.
Mitigation: Install update from vendor's website.
Vulnerable software versions: SmartThings Hub STH-ETH-250: 0.20.17
External links: http://www.talosintelligence.com/reports/TALOS-2018-0555/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU14075
Risk: High
CVSSv3.1: 8.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-3878
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists in the credentials handler of video-core's HTTP server in the Samsung SmartThings Hub due to incorrect extraction of fields from a user-controlled JSON payload. A remote attacker can send a specially crafted HTTP request, trigger a stack-based buffer overflow and execute arbitrary code with elevated privileges.
Mitigation: Install update from vendor's website.
Vulnerable software versions: SmartThings Hub STH-ETH-250: 0.20.17
External links: http://www.talosintelligence.com/reports/TALOS-2018-0555/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU14076
Risk: Low
CVSSv3.1: 6.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-3879
CWE-ID:
CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Exploit availability: No
Description: The vulnerability allows a remote attacker to execute arbitrary SQL commands in the application database.
The vulnerability exists in the credentials handler of video-core's HTTP server in the Samsung SmartThings Hub due to incorrect parsing of the user-controlled JSON payload. A remote attacker can send a specially crafted HTTP request to the vulnerable handler and execute arbitrary SQL commands in the video-core database.
Successful exploitation of the vulnerability may allow an attacker to gain administrative access to the vulnerable application.
Mitigation: Install update from vendor's website.
Vulnerable software versions: SmartThings Hub STH-ETH-250: 0.20.17
External links: http://www.talosintelligence.com/reports/TALOS-2018-0556/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
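The credentials-handler entries above (CVE-2018-3872 to CVE-2018-3878) and the SQL injection entry (CVE-2018-3879) describe the same two mistakes at the point where a JSON field is pulled out of the request: its bytes are copied into a fixed-size stack buffer using the attacker's length, or spliced into SQL text. The C program below is an added example written for this page, not code from Samsung, Talos or the hub firmware. The JSON scanner, the HOST_BUF and SQL_BUF sizes, the "credentials" table and "cameraId" column, and the sample payloads are all assumed or constructed. It shows the unsafe copy beside a bounds-checked one and the string-built query beside a quote-doubled one; the same missing length check is what the later "clips", "state", URL, "shard"-table and AWSELB-cookie entries describe.

```c
#include <stdio.h>
#include <string.h>

/* Assumed sizes for the example; the hub's real buffer sizes are not on this page. */
#define HOST_BUF 256
#define SQL_BUF  512

/* Constructed sample requests (not captured from a hub). */
#define A16 "AAAAAAAAAAAAAAAA"
#define A64 A16 A16 A16 A16
const char BENIGN_JSON[] = "{\"videoHostUrl\":\"https://video.example\",\"cameraId\":\"cam-1\"}";
const char LONG_JSON[]   = "{\"videoHostUrl\":\"" A64 A64 A64 A64 A64 "\"}";   /* 320-byte URL */
const char INJECT_JSON[] = "{\"cameraId\":\"' OR '1'='1' --\"}";
char g_out[HOST_BUF];
char g_sql[SQL_BUF];

/* Minimal scanner for a top-level "name":"value" string field. Example-only: no
   escape handling and no nesting, just enough to show where the copy goes wrong. */
static const char *json_str_field(const char *json, const char *name, size_t *len)
{
    char key[64];
    int n = snprintf(key, sizeof key, "\"%s\"", name);
    if (n < 0 || (size_t)n >= sizeof key) return NULL;
    const char *p = strstr(json, key);
    if (!p) return NULL;
    p += n;
    while (*p == ' ') p++;
    if (*p++ != ':') return NULL;
    while (*p == ' ') p++;
    if (*p++ != '"') return NULL;
    const char *end = strchr(p, '"');
    if (!end) return NULL;
    *len = (size_t)(end - p);
    return p;
}

/* Vulnerable pattern (CWE-121): the copy length comes from the request, the destination
   is a fixed-size stack buffer. Kept for contrast and only ever called with benign input. */
int extract_host_unsafe(const char *json, char *out, size_t outsz)
{
    char host[HOST_BUF];
    size_t len;
    const char *v = json_str_field(json, "videoHostUrl", &len);
    if (!v) return -1;
    memcpy(host, v, len);                 /* no check that len < HOST_BUF */
    host[len] = '\0';
    snprintf(out, outsz, "%s", host);
    return (int)len;
}

/* Hardened form: refuse anything that does not fit, terminator included. */
int extract_host_safe(const char *json, char *out, size_t outsz)
{
    char host[HOST_BUF];
    size_t len;
    const char *v = json_str_field(json, "videoHostUrl", &len);
    if (!v) return -1;
    if (len >= sizeof host) return -2;    /* overlong field: reject the request */
    memcpy(host, v, len);
    host[len] = '\0';
    snprintf(out, outsz, "%s", host);
    return (int)len;
}

/* Vulnerable pattern (CWE-89): the field is spliced into the SQL text as-is.
   Table and column names are assumptions for the example. */
int build_query_unsafe(const char *json, char *sql, size_t sqlsz)
{
    size_t len;
    const char *v = json_str_field(json, "cameraId", &len);
    if (!v) return -1;
    int n = snprintf(sql, sqlsz, "SELECT * FROM credentials WHERE cameraId = '%.*s'", (int)len, v);
    return (n < 0 || (size_t)n >= sqlsz) ? -2 : 0;
}

/* Quote-doubling, the rule sqlite3_mprintf("%q") applies. A prepared statement with
   sqlite3_bind_text() is the proper fix; this keeps the example free of a DB dependency. */
int build_query_safe(const char *json, char *sql, size_t sqlsz)
{
    size_t len, o;
    const char *v = json_str_field(json, "cameraId", &len);
    if (!v) return -1;
    const char *head = "SELECT * FROM credentials WHERE cameraId = '";
    o = strlen(head);
    if (o >= sqlsz) return -2;
    memcpy(sql, head, o);
    for (size_t i = 0; i < len; i++) {
        size_t need = (v[i] == '\'') ? 2 : 1;
        if (o + need + 2 > sqlsz) return -2;  /* room for closing quote and NUL */
        sql[o++] = v[i];
        if (v[i] == '\'') sql[o++] = '\'';
    }
    sql[o++] = '\'';
    sql[o] = '\0';
    return 0;
}

int main(void)
{
    printf("overlong URL -> %d\n", extract_host_safe(LONG_JSON, g_out, sizeof g_out));  /* -2 */
    build_query_safe(INJECT_JSON, g_sql, sizeof g_sql);
    puts(g_sql);
    return 0;
}
```

The hardened extractor returns -2 for the 320-byte URL instead of writing past the 256-byte frame, and the quoted query keeps the injected ' OR '1'='1' -- inside the string literal rather than letting it terminate the literal. In a real handler, bind the value with sqlite3_prepare_v2 and sqlite3_bind_text rather than quoting it yourself.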
EUVDB-ID: #VU14077
Risk: High
CVSSv3.1: 8.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-3880
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists in video-core's HTTP server in the Samsung SmartThings Hub due to incorrect handling of existing records inside its SQLite database. A remote attacker can send a specially crafted HTTP request, trigger a stack-based buffer overflow and execute arbitrary code with elevated privileges.
Mitigation: Install update from vendor's website.
Vulnerable software versions: SmartThings Hub STH-ETH-250: 0.20.17
External links: http://www.talosintelligence.com/reports/TALOS-2018-0557/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU14078
Risk: High
CVSSv3.1: 8.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-3893
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists in the /cameras/XXXX/clips handler of video-core's HTTP server in the Samsung SmartThings Hub due to incorrect extraction of fields from a user-controlled JSON payload. A remote attacker can send a specially crafted HTTP request, trigger a stack-based buffer overflow and execute arbitrary code with elevated privileges.
Mitigation: Install update from vendor's website.
Vulnerable software versions: SmartThings Hub STH-ETH-250: 0.20.17
External links: http://www.talosintelligence.com/reports/TALOS-2018-0570/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU14079
Risk: High
CVSSv3.1: 8.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-3894
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists in the /cameras/XXXX/clips handler of video-core's HTTP server in the Samsung SmartThings Hub due to incorrect extraction of fields from a user-controlled JSON payload. A remote attacker can send a specially crafted HTTP request, trigger a stack-based buffer overflow and execute arbitrary code with elevated privileges.
Mitigation: Install update from vendor's website.
Vulnerable software versions: SmartThings Hub STH-ETH-250: 0.20.17
External links: http://www.talosintelligence.com/reports/TALOS-2018-0570/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU14080
Risk: High
CVSSv3.1: 8.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-3895
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists in the /cameras/XXXX/clips handler of video-core's HTTP server in the Samsung SmartThings Hub due to incorrect extraction of fields from a user-controlled JSON payload. A remote attacker can send a specially crafted HTTP request, trigger a stack-based buffer overflow and execute arbitrary code with elevated privileges.
Mitigation: Install update from vendor's website.
Vulnerable software versions: SmartThings Hub STH-ETH-250: 0.20.17
External links: http://www.talosintelligence.com/reports/TALOS-2018-0570/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU14081
Risk: High
CVSSv3.1: 8.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-3896
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists in the /cameras/XXXX/clips handler of video-core's HTTP server in the Samsung SmartThings Hub due to incorrect extraction of fields from a user-controlled JSON payload. A remote attacker can send a specially crafted HTTP request, trigger a stack-based buffer overflow and execute arbitrary code with elevated privileges.
Mitigation: Install update from vendor's website.
Vulnerable software versions: SmartThings Hub STH-ETH-250: 0.20.17
External links: http://www.talosintelligence.com/reports/TALOS-2018-0570/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU14082
Risk: High
CVSSv3.1: 8.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-3897
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists in the /cameras/XXXX/clips handler of video-core's HTTP server in the Samsung SmartThings Hub due to incorrect extraction of fields from a user-controlled JSON payload. A remote attacker can send a specially crafted HTTP request, trigger a stack-based buffer overflow and execute arbitrary code with elevated privileges.
Mitigation: Install update from vendor's website.
Vulnerable software versions: SmartThings Hub STH-ETH-250: 0.20.17
External links: http://www.talosintelligence.com/reports/TALOS-2018-0570/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU14083
Risk: High
CVSSv3.1: 8.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-3902
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists in video-core's HTTP server in the Samsung SmartThings Hub due to incorrect extraction of the URL field from a user-controlled JSON payload. A remote attacker can send a specially crafted HTTP request, trigger a stack-based buffer overflow and execute arbitrary code with elevated privileges.
Mitigation: Install update from vendor's website.
Vulnerable software versions: SmartThings Hub STH-ETH-250: 0.20.17
External links: http://www.talosintelligence.com/reports/TALOS-2018-0573/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU14084
Risk: High
CVSSv3.1: 8.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-3903
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists in video-core's HTTP server in the Samsung SmartThings Hub due to incorrect extraction of fields from a user-controlled JSON payload. A remote attacker can send a specially crafted HTTP request, trigger a stack-based buffer overflow and execute arbitrary code with elevated privileges.
Mitigation: Install update from vendor's website.
Vulnerable software versions: SmartThings Hub STH-ETH-250: 0.20.17
External links: http://www.talosintelligence.com/reports/TALOS-2018-0574/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU14085
Risk: High
CVSSv3.1: 8.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-3904
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists in video-core's HTTP server in the Samsung SmartThings Hub due to incorrect extraction of fields from a user-controlled JSON payload. A remote attacker can send a specially crafted HTTP request, trigger a stack-based buffer overflow and execute arbitrary code with elevated privileges.
Mitigation: Install update from vendor's website.
Vulnerable software versions: SmartThings Hub STH-ETH-250: 0.20.17
External links: http://www.talosintelligence.com/reports/TALOS-2018-0574/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU14086
Risk: High
CVSSv3.1: 8.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-3905
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists in video-core's HTTP server in the Samsung SmartThings Hub due to incorrect extraction of the "state" field from a user-controlled JSON payload. A remote attacker can send a specially crafted HTTP request, trigger a stack-based buffer overflow and execute arbitrary code with elevated privileges.
Mitigation: Install update from vendor's website.
Vulnerable software versions: SmartThings Hub STH-ETH-250: 0.20.17
External links: http://www.talosintelligence.com/reports/TALOS-2018-0575/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU14087
Risk: High
CVSSv3.1: 8.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-3906
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists in video-core's HTTP server in the Samsung SmartThings Hub due to insecure extraction of the shard.videoHostURL field from its SQLite database. A remote attacker can send a specially crafted HTTP request, trigger a stack-based buffer overflow and execute arbitrary code with elevated privileges.
Mitigation: Install update from vendor's website.
Vulnerable software versions: SmartThings Hub STH-ETH-250: 0.20.17
External links: http://www.talosintelligence.com/reports/TALOS-2018-0576/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU14088
Risk: Low
CVSSv3.1: 7.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-3907
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
Description: The vulnerability exists in video-core's HTTP server in the Samsung SmartThings Hub due to incorrect handling of pipelined HTTP requests. A remote attacker can send a specially crafted HTTP request and overwrite the previously parsed HTTP method, URL and body.
Mitigation: Install update from vendor's website.
Vulnerable software versions: SmartThings Hub STH-ETH-250: 0.20.17
External links: http://www.talosintelligence.com/reports/TALOS-2018-0577/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU14089
Risk: Low
CVSSv3.1: 7.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-3908
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
Description: The vulnerability exists in video-core's HTTP server in the Samsung SmartThings Hub due to incorrect handling of pipelined HTTP requests. A remote attacker can send a specially crafted HTTP request and overwrite the previously parsed HTTP method, URL and body.
Mitigation: Install update from vendor's website.
Vulnerable software versions: SmartThings Hub STH-ETH-250: 0.20.17
External links: http://www.talosintelligence.com/reports/TALOS-2018-0577/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU14090
Risk: Low
CVSSv3.1: 7.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-3909
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
Description: The vulnerability exists in video-core's HTTP server in the Samsung SmartThings Hub due to incorrect handling of pipelined HTTP requests. A remote attacker can send a specially crafted HTTP request and overwrite the previously parsed HTTP method, URL and body.
Mitigation: Install update from vendor's website.
Vulnerable software versions: SmartThings Hub STH-ETH-250: 0.20.17
External links: http://www.talosintelligence.com/reports/TALOS-2018-0577/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
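The three pipelining entries above (CVE-2018-3907 to CVE-2018-3909) say only that a later request in the same read can overwrite the previously parsed method, URL and body. The C program below is an added example, not the hub's parser: it models one way that happens (parsing everything that arrived into a single request object and dispatching once at the end) beside the correct loop (parse one request up to its Content-Length, dispatch it, then advance). The two-request sample buffer, the paths and the buffer sizes are constructed for the example.

```c
#include <stdio.h>
#include <string.h>
#include <stdlib.h>

struct req {
    char method[8];
    char url[128];
    char body[256];
    size_t body_len;
};

/* What the handler saw. Only the first dispatched request is kept, because that is
   the one the flawed server loses. */
struct seen {
    int count;
    char first_method[8], first_url[128], first_body[256];
};
struct seen g_seen;

/* Constructed sample: two pipelined requests in one socket read (not hub traffic). */
const char PIPELINED[] =
    "POST /credentials HTTP/1.1\r\nHost: hub\r\nContent-Length: 5\r\n\r\nhello"
    "GET /status HTTP/1.1\r\nHost: hub\r\n\r\n";

/* Parse exactly one HTTP/1.1 request at buf[0..n). Returns bytes consumed, or 0 if the
   request is incomplete or malformed. Example-only: Content-Length bodies, no chunking. */
size_t parse_one(const char *buf, size_t n, struct req *r)
{
    char hdrs[512];
    const char *hdr_end = NULL;
    for (size_t i = 0; i + 3 < n; i++)
        if (memcmp(buf + i, "\r\n\r\n", 4) == 0) { hdr_end = buf + i + 4; break; }
    if (!hdr_end) return 0;
    size_t hl = (size_t)(hdr_end - buf);
    if (hl >= sizeof hdrs) return 0;
    memcpy(hdrs, buf, hl);
    hdrs[hl] = '\0';

    memset(r, 0, sizeof *r);                       /* request line: METHOD SP URL SP VERSION */
    const char *sp1 = strchr(hdrs, ' ');
    if (!sp1 || (size_t)(sp1 - hdrs) >= sizeof r->method) return 0;
    memcpy(r->method, hdrs, (size_t)(sp1 - hdrs));
    const char *sp2 = strchr(sp1 + 1, ' ');
    if (!sp2 || (size_t)(sp2 - sp1 - 1) >= sizeof r->url) return 0;
    memcpy(r->url, sp1 + 1, (size_t)(sp2 - sp1 - 1));

    size_t clen = 0;
    const char *cl = strstr(hdrs, "\r\nContent-Length:");
    if (cl) clen = strtoul(cl + 17, NULL, 10);
    if (clen >= sizeof r->body || hl + clen > n) return 0;   /* too big, or body not yet read */
    memcpy(r->body, hdr_end, clen);
    r->body_len = clen;
    return hl + clen;
}

typedef void (*handler_fn)(const struct req *, void *ctx);

/* Correct pipelining: dispatch each request as soon as it is complete, then advance. */
int serve_buffer(const char *buf, size_t n, handler_fn h, void *ctx)
{
    struct req r;
    size_t off = 0, used;
    int count = 0;
    while (off < n && (used = parse_one(buf + off, n - off, &r)) > 0) {
        h(&r, ctx);
        count++;
        off += used;
    }
    return count;
}

/* Flawed pattern: parse everything that arrived into one request object and dispatch
   once at the end, so a second pipelined request overwrites the method, URL and body
   of the first before any handler sees it. */
int serve_buffer_flawed(const char *buf, size_t n, handler_fn h, void *ctx)
{
    struct req r;
    size_t off = 0, used;
    int parsed = 0;
    while (off < n && (used = parse_one(buf + off, n - off, &r)) > 0) { off += used; parsed++; }
    if (parsed) h(&r, ctx);
    return parsed ? 1 : 0;
}

static void record(const struct req *r, void *ctx)
{
    struct seen *s = ctx;
    if (s->count++ == 0) {                         /* arrays are the same size as in struct req */
        strcpy(s->first_method, r->method); strcpy(s->first_url, r->url); strcpy(s->first_body, r->body);
    }
}

/* Run the sample through either server; returns the number of dispatches. */
int run_pipelined(int flawed)
{
    memset(&g_seen, 0, sizeof g_seen);
    size_t n = sizeof PIPELINED - 1;
    return flawed ? serve_buffer_flawed(PIPELINED, n, record, &g_seen)
                  : serve_buffer(PIPELINED, n, record, &g_seen);
}

int main(void)
{
    int c = run_pipelined(0);
    printf("correct: %d dispatches, first seen %s %s\n", c, g_seen.first_method, g_seen.first_url);
    c = run_pipelined(1);
    printf("flawed:  %d dispatch, first seen %s %s\n", c, g_seen.first_method, g_seen.first_url);
    return 0;
}
```

With the correct loop the handler sees POST /credentials with body "hello" and then GET /status; with the flawed loop it sees a single GET /status with an empty body, the POST having been parsed and then silently replaced.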
EUVDB-ID: #VU14091
Risk: Medium
CVSSv3.1: 7.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-3911
CWE-ID:
CWE-113 - Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting')
Exploit availability: No
Description: The vulnerability exists because the hubCore process listens on port 39500 and relays any unauthenticated message to SmartThings' remote servers, which insecurely handle JSON messages. A remote attacker can send a specially crafted HTTP request and cause partially controlled requests to be generated toward the internal video-core process.
Mitigation: Install update from vendor's website.
Vulnerable software versions: SmartThings Hub STH-ETH-250: 0.20.17
External links: http://www.talosintelligence.com/reports/TALOS-2018-0578/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
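For the header-injection entry above (CVE-2018-3911) the practical check sits on the relay side: any value taken from an unauthenticated message and written into a header of the request forwarded to video-core must not contain CR or LF, since those bytes end the header and let the sender add headers of their own (CWE-113). The C program below is an added example, not hubCore's code: the X-Camera-Id header, the 127.0.0.1 target and the request path are assumptions, and the injected value is constructed for the example.

```c
#include <stdio.h>
#include <string.h>
#include <ctype.h>

/* Assumed internal target; the page names only hubCore's port 39500, not video-core's. */
#define VIDEO_CORE_HOST "127.0.0.1"

/* Constructed values (not from a real hub): one benign id, one carrying a CRLF payload. */
const char BENIGN_ID[]   = "cam-1";
const char INJECTED_ID[] = "cam-1\r\nX-Forwarded-Admin: true";
char g_req[512];

/* A header value may not carry CR, LF or any other control byte. */
int header_value_ok(const char *v)
{
    for (; *v; v++)
        if (*v == '\r' || *v == '\n' || (unsigned char)*v < 0x20 || *v == 0x7f)
            return 0;
    return 1;
}

/* The request path must be a single token of printable, non-space characters. */
int path_ok(const char *p)
{
    if (*p != '/') return 0;
    for (; *p; p++)
        if (!isgraph((unsigned char)*p))
            return 0;
    return 1;
}

/* Unsafe relay: splices the untrusted id straight into the header block. */
int build_relay_unsafe(const char *path, const char *camera_id, char *out, size_t outsz)
{
    int n = snprintf(out, outsz, "GET %s HTTP/1.1\r\nHost: %s\r\nX-Camera-Id: %s\r\n\r\n",
                     path, VIDEO_CORE_HOST, camera_id);
    return (n < 0 || (size_t)n >= outsz) ? -1 : n;
}

/* Hardened relay: refuse anything that could split the header block. */
int build_relay_safe(const char *path, const char *camera_id, char *out, size_t outsz)
{
    if (!path_ok(path) || !header_value_ok(camera_id))
        return -1;
    return build_relay_unsafe(path, camera_id, out, outsz);
}

/* Count the header lines between the request line and the blank line; a successful
   injection shows up as one more line than the relay meant to send. */
int count_header_lines(const char *req)
{
    int lines = 0;
    const char *p = strstr(req, "\r\n");
    if (!p) return -1;
    p += 2;
    while (strncmp(p, "\r\n", 2) != 0) {
        const char *e = strstr(p, "\r\n");
        if (!e) return -1;
        lines++;
        p = e + 2;
    }
    return lines;
}

int main(void)
{
    build_relay_unsafe("/cameras/cam-1/clips", INJECTED_ID, g_req, sizeof g_req);
    printf("unsafe relay sends %d header lines\n", count_header_lines(g_req));   /* 3 */
    printf("safe relay result: %d\n",
           build_relay_safe("/cameras/cam-1/clips", INJECTED_ID, g_req, sizeof g_req)); /* -1 */
    return 0;
}
```

The unsafe builder turns the injected id into a third header line on the wire; the hardened one rejects the value before anything is formatted. Rejecting is the right response for a relay, since there is no correct way to encode a CR or LF inside a single header value.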
EUVDB-ID: #VU14092
Risk: High
CVSSv3.1: 8.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-3912
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists in video-core's HTTP server in the Samsung SmartThings Hub due to insecure extraction of fields from the "shard" table of its SQLite database. A remote attacker can send a specially crafted HTTP request, trigger a stack-based buffer overflow and execute arbitrary code with elevated privileges.
Mitigation: Install update from vendor's website.
Vulnerable software versions: SmartThings Hub STH-ETH-250: 0.20.17
External links: http://www.talosintelligence.com/reports/TALOS-2018-0581/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU14093
Risk: High
CVSSv3.1: 8.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-3913
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists in video-core's HTTP server in the Samsung SmartThings Hub due to insecure extraction of fields from the "shard" table of its SQLite database. A remote attacker can send a specially crafted HTTP request, trigger a stack-based buffer overflow and execute arbitrary code with elevated privileges.
Mitigation: Install update from vendor's website.
Vulnerable software versions: SmartThings Hub STH-ETH-250: 0.20.17
External links: http://www.talosintelligence.com/reports/TALOS-2018-0581/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU14094
Risk: High
CVSSv3.1: 8.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-3914
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists in video-core's HTTP server in the Samsung SmartThings Hub due to insecure extraction of fields from the "shard" table of its SQLite database. A remote attacker can send a specially crafted HTTP request, trigger a stack-based buffer overflow and execute arbitrary code with elevated privileges.
Mitigation: Install update from vendor's website.
Vulnerable software versions: SmartThings Hub STH-ETH-250: 0.20.17
External links: http://www.talosintelligence.com/reports/TALOS-2018-0581/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU14095
Risk: High
CVSSv3.1: 8.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-3915
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists in video-core's HTTP server in the Samsung SmartThings Hub due to insecure extraction of fields from the "shard" table of its SQLite database. A remote attacker can send a specially crafted HTTP request, trigger a stack-based buffer overflow and execute arbitrary code with elevated privileges.
Mitigation: Install update from vendor's website.
Vulnerable software versions: SmartThings Hub STH-ETH-250: 0.20.17
External links: http://www.talosintelligence.com/reports/TALOS-2018-0581/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU14096
Risk: High
CVSSv3.1: 8.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-3916
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists in video-core's HTTP server in the Samsung SmartThings Hub due to insecure extraction of fields from the "shard" table of its SQLite database. A remote attacker can send a specially crafted HTTP request, trigger a stack-based buffer overflow and execute arbitrary code with elevated privileges.
Mitigation: Install update from vendor's website.
Vulnerable software versions: SmartThings Hub STH-ETH-250: 0.20.17
External links: http://www.talosintelligence.com/reports/TALOS-2018-0581/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU14097
Risk: High
CVSSv3.1: 8.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-3917
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists in video-core's HTTP server in the Samsung SmartThings Hub due to insecure extraction of fields from the "shard" table of its SQLite database. A remote attacker can send a specially crafted HTTP request, trigger a stack-based buffer overflow and execute arbitrary code with elevated privileges.
Mitigation: Install update from vendor's website.
Vulnerable software versions: SmartThings Hub STH-ETH-250: 0.20.17
External links: http://www.talosintelligence.com/reports/TALOS-2018-0581/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU14098
Risk: High
CVSSv3.1: 8.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-3919
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
Descriptionvideo-core
's HTTP server of Samsung SmartThings Hub due to insecure extracting of the fields from the "clips" table of its SQLite database. A remote attacker can send an HTTP request, trigger stack-based buffer overflow and execute arbitrary code with elevated privileges.
Install update from vendor's website.
SmartThings Hub STH-ETH-250: 0.20.17
External links
http://www.talosintelligence.com/reports/TALOS-2018-0583/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
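The "shard" and "clips" entries above share one root cause: a field read back from the hub's own SQLite database is copied into a fixed-size stack buffer as if it were trusted, although earlier entries in this bulletin (the CWE-89 ones) let a remote request write those rows. The following is an added example, not SmartThings firmware code. The HOST_LEN size, the column name and the shard_row struct standing in for a sqlite3_column_text() call are assumptions so that it compiles without libsqlite3.

```c
#include <stdio.h>
#include <string.h>
#include <stddef.h>

/* Added example, not SmartThings firmware code. HOST_LEN and shard_row
 * (standing in for sqlite3_column_text() on the "shard" table) are
 * assumptions so that this compiles without libsqlite3. */
#define HOST_LEN 64

/* The CWE-121 pattern the bulletin describes: the field is assumed to fit.
 *     char host[HOST_LEN];
 *     strcpy(host, (const char *)sqlite3_column_text(stmt, 0));
 * Whoever can write the row (the SQL injection entries in this bulletin, or a
 * crafted database file) then chooses how far the stack is overwritten. */

/* Copy an untrusted NUL-terminated field into dst[dstlen].
 * Returns 0 on success, -1 if the field is NULL or does not fit including
 * its terminator. dst is left as an empty string on failure. */
int copy_db_field(char *dst, size_t dstlen, const char *field)
{
    if (dst == NULL || dstlen == 0)
        return -1;
    dst[0] = '\0';
    if (field == NULL)               /* sqlite3_column_text() yields NULL for SQL NULL */
        return -1;
    size_t n = 0;                    /* bounded scan: never read past dstlen bytes of field */
    while (n < dstlen && field[n] != '\0')
        n++;
    if (n >= dstlen)                 /* no room for the terminator: reject, do not truncate */
        return -1;
    memcpy(dst, field, n + 1);
    return 0;
}

/* Constructed stand-in for one row of "SELECT host FROM shard". */
struct shard_row { const char *host; };

int load_shard_host(const struct shard_row *row, char *out, size_t outlen)
{
    return copy_db_field(out, outlen, row ? row->host : NULL);
}

int main(void)
{
    char host[HOST_LEN];
    char big[HOST_LEN * 4];                  /* constructed oversized field */
    memset(big, 'A', sizeof big - 1);
    big[sizeof big - 1] = '\0';
    struct shard_row ok  = { "video-host.example" };
    struct shard_row bad = { big };
    printf("ok row:  %d\n", load_shard_host(&ok, host, sizeof host));
    printf("bad row: %d\n", load_shard_host(&bad, host, sizeof host));
    return 0;
}
```

Rejecting instead of truncating matters for fields such as host names or URLs, where a silently shortened value would point the hub at a different server than the one stored.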
EUVDB-ID: #VU14099
Risk: Low
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-3918
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
Description
The hubCore process listens on port 39500 and relays any unauthenticated messages to SmartThings' remote servers. A remote attacker can send an HTTP request that triggers incorrect handling of camera IDs in the "sync" operation, delete arbitrary cameras and cause the service to crash.
Install update from vendor's website.
SmartThings Hub STH-ETH-250: 0.20.17
External links
http://www.talosintelligence.com/reports/TALOS-2018-0582/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU14100
Risk: Medium
CVSSv3.1: 7.4 [CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-3925
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
Description
The vulnerability exists in video-core's HTTP server of the Samsung SmartThings Hub due to insecure parsing of the AWSELB cookie while communicating with remote video-host servers. A remote attacker able to impersonate those HTTP servers can return a crafted HTTP response, trigger a heap-based buffer overflow and execute arbitrary code with elevated privileges.
Install update from vendor's website.
SmartThings Hub STH-ETH-250: 0.20.17
External links
http://www.talosintelligence.com/reports/TALOS-2018-0591/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
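For the AWSELB entry the untrusted input is not a request but a response header from a server the hub itself connects to, so the parser has to bound the cookie value before anything is allocated or copied. The Set-Cookie parser below is an added example, not video-core's code. The COOKIE_MAX limit and the header samples are constructed; only the cookie name comes from the page.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Added example, not video-core's code. COOKIE_MAX is an assumed upper bound
 * on a cookie value the client is willing to keep. */
#define COOKIE_MAX 256

/* The CWE-122 pattern: a fixed heap buffer filled from the server's header
 * with no width limit, trusting whoever answered the TLS connection.
 *     char *cookie = malloc(COOKIE_MAX);
 *     sscanf(hdr, "AWSELB=%[^;]", cookie);
 */

/* Find the value of cookie `name` in a Set-Cookie header line.
 * Returns a malloc'd NUL-terminated copy (caller frees), or NULL if the
 * cookie is absent, empty, or longer than COOKIE_MAX. */
char *extract_cookie(const char *set_cookie, const char *name)
{
    if (set_cookie == NULL || name == NULL)
        return NULL;
    size_t nlen = strlen(name);
    const char *p = set_cookie;
    /* Walk every ';'-separated segment: "name=value; Path=/; HttpOnly". */
    while (*p != '\0') {
        while (*p == ' ' || *p == '\t')
            p++;
        const char *seg_end = strchr(p, ';');
        if (seg_end == NULL)
            seg_end = p + strlen(p);
        if ((size_t)(seg_end - p) > nlen && strncmp(p, name, nlen) == 0 && p[nlen] == '=') {
            const char *v = p + nlen + 1;
            size_t vlen = (size_t)(seg_end - v);
            while (vlen > 0 && (v[vlen - 1] == ' ' || v[vlen - 1] == '\t' || v[vlen - 1] == '\r'))
                vlen--;                          /* trim trailing whitespace / CR */
            if (vlen == 0 || vlen > COOKIE_MAX)  /* bound checked before any allocation or copy */
                return NULL;
            char *out = malloc(vlen + 1);        /* sized from the measured value, not a guess */
            if (out == NULL)
                return NULL;
            memcpy(out, v, vlen);
            out[vlen] = '\0';
            return out;
        }
        p = (*seg_end != '\0') ? seg_end + 1 : seg_end;
    }
    return NULL;
}

/* Constructed header samples, not captured traffic. */
static const char GOOD_HDR[] = "AWSELB=0123456789ABCDEF; PATH=/; HTTPONLY";

/* Build "AWSELB=" followed by value_len 'A's, as a hostile server might. */
const char *header_with_value_len(size_t value_len)
{
    static char buf[1024];
    if (value_len > sizeof buf - 16)
        value_len = sizeof buf - 16;
    memcpy(buf, "AWSELB=", 7);
    memset(buf + 7, 'A', value_len);
    strcpy(buf + 7 + value_len, "; PATH=/");
    return buf;
}

int main(void)
{
    char *v = extract_cookie(GOOD_HDR, "AWSELB");
    printf("good: %s\n", v ? v : "(rejected)");
    free(v);
    v = extract_cookie(header_with_value_len(COOKIE_MAX + 1), "AWSELB");
    printf("oversized: %s\n", v ? v : "(rejected)");
    free(v);
    return 0;
}
```

The bound is applied to the measured length and the allocation is sized from it, so there is no fixed buffer for an oversized value to run past; an overlong cookie is simply refused and the session proceeds without it.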
EUVDB-ID: #VU14101
Risk: Low
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-3926
CWE-ID:
CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
Exploit availability: No
Description
The vulnerability exists in the hubCore binary of the Samsung SmartThings Hub due to an integer underflow when handling malformed files in its "data" directory. A remote attacker can send an HTTP request, trigger an infinite loop and cause the service to crash.
Install update from vendor's website.
SmartThings Hub STH-ETH-250: 0.20.17
External links
http://www.talosintelligence.com/reports/TALOS-2018-0593/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
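The underflow-to-infinite-loop chain in the entry above (CWE-191 leading to CWE-835) is a classic of length-prefixed file parsing: a "bytes remaining" counter is decremented by a length taken from the file, and a length larger than what is left wraps the counter to an enormous value. The walker below is an added example, not hubCore code; the page says nothing about the file layout, so the record format (a 16-bit big-endian length followed by that many bytes) and the sample inputs are assumptions.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Added example, not hubCore code. The record layout is an assumption:
 * [u16 big-endian length][length bytes], repeated to the end of the file. */

/* The CWE-191 -> CWE-835 pattern:
 *     size_t remaining = file_len;
 *     while (remaining > 0) {
 *         uint16_t rlen = read_u16(p);
 *         p += 2 + rlen;
 *         remaining -= 2 + rlen;   // rlen larger than remaining wraps to ~SIZE_MAX
 *     }
 * One crafted length and the loop never reaches zero while p runs off the buffer. */

/* Walk the records in buf[len]. Returns the record count, or -1 at the first
 * malformed length. Progress is an addition checked against what is left, so
 * the offset can neither wrap nor pass len. */
int count_records(const uint8_t *buf, size_t len)
{
    size_t off = 0;
    int count = 0;
    while (off < len) {
        if (len - off < 2)                      /* truncated header */
            return -1;
        uint16_t rlen = (uint16_t)((buf[off] << 8) | buf[off + 1]);
        size_t need = 2u + rlen;
        if (need > len - off)                   /* claims more than remains: reject, never subtract */
            return -1;
        off += need;                            /* always advances by at least 2 */
        count++;
    }
    return count;
}

/* Constructed inputs, not files taken from a hub. */
static const uint8_t WELL_FORMED[]     = { 0x00,0x03,'a','b','c', 0x00,0x01,'z', 0x00,0x00 };
static const uint8_t LENGTH_PAST_END[] = { 0xFF,0xFF,'a','b' };          /* 65535 claimed, 2 present */
static const uint8_t TRUNCATED[]       = { 0x00,0x02,'a' };              /* 2 claimed, 1 present */
static const uint8_t DANGLING_HEADER[] = { 0x00,0x01,'q', 0x00 };        /* lone length byte at the end */

int main(void)
{
    printf("well-formed:     %d\n", count_records(WELL_FORMED, sizeof WELL_FORMED));
    printf("length past end: %d\n", count_records(LENGTH_PAST_END, sizeof LENGTH_PAST_END));
    printf("truncated:       %d\n", count_records(TRUNCATED, sizeof TRUNCATED));
    printf("dangling header: %d\n", count_records(DANGLING_HEADER, sizeof DANGLING_HEADER));
    return 0;
}
```

The check `need > len - off` is the whole fix: it compares before moving, and because `off < len` holds at the top of the loop the subtraction on the right can never wrap. A zero-length record still advances the offset by its two-byte header, so a file of empty records terminates as well.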
EUVDB-ID: #VU14102
Risk: Low
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-3927
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
Description
The vulnerability exists in the hubCore binary of the Samsung SmartThings Hub because Google Breakpad is used to record minidumps, which are sent over an insecure HTTPS connection to the backtrace.io service when hubCore crashes. A remote attacker able to impersonate the backtrace.io server can obtain the minidumps, which capture process memory at the time of the crash, and thereby gain access to arbitrary data.
Install update from vendor's website.
SmartThings Hub STH-ETH-250: 0.20.17
External links
http://www.talosintelligence.com/reports/TALOS-2018-0594/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.