CVE-2018-15720

CVE-2018-15720

Vendor Logitech
Product Logitech Harmony Hub
Weakness CWE-798 · Hardcoded credentials
Published December 20, 2018
Last update September 16, 2024

CVSS base score

What the vulnerability does

01Description

Logitech Harmony Hub before version 4.15.206 contained two hard-coded accounts in the XMPP server that gave remote users access to the local API.

Key dates

02Disclosure timeline

December 20, 2018 CVE published
September 16, 2024 Record updated