CVE-2018-15722

Summary

The Logitech Harmony Hub before version 4.15.206 is vulnerable to OS command injection via the time update request. A remote server or man in the middle can inject OS commands with a properly formatted response.

Affected Software

VendorProductVersion RangeStatus
LogitechLogitech Harmony HubFirmware before 4.15.206affected

Weaknesses

  • CWE-78: CWE-78 OS Command Injection

ADP Enrichment

CVE Program Container

Additional References

References