CVE-2018-15720

Summary

Logitech Harmony Hub before version 4.15.206 contained two hard-coded accounts in the XMPP server that gave remote users access to the local API.

Affected Software

VendorProductVersion RangeStatus
LogitechLogitech Harmony HubFirmware before 4.15.206affected

Weaknesses

  • CWE-798: CWE-798 Hard-coded credentials

ADP Enrichment

CVE Program Container

Additional References

References