CVE-2018-15721

CVE-2018-15721

Vendor Logitech
Product Logitech Harmony Hub
Weakness CWE-287 · Improper authentication
Published December 20, 2018
Last update September 17, 2024

CVSS base score

What the vulnerability does

01Description

The XMPP server in Logitech Harmony Hub before version 4.15.206 is vulnerable to authentication bypass via a crafted XMPP request. Remote attackers can use this vulnerability to gain access to the local API.

Key dates

02Disclosure timeline

December 20, 2018 CVE published
September 17, 2024 Record updated