CVE-2018-15723

CVE-2018-15723

Vendor Logitech
Product Logitech Harmony Hub
Weakness CWE-346 · Origin validation
Published December 20, 2018
Last update September 17, 2024

CVSS base score

What the vulnerability does

01Description

The Logitech Harmony Hub before version 4.15.206 is vulnerable to application level command injection via crafted HTTP request. An unauthenticated remote attacker can leverage this vulnerability to execute application defined commands (e.g. harmony.system?systeminfo).

Key dates

02Disclosure timeline

December 20, 2018 CVE published
September 17, 2024 Record updated