CVE-2022-30746
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
Missing caller check in Smart Things prior to version 1.7.85.12 allows attacker to access senstive information remotely using javascript interface API.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Samsung Mobile | Smart Things | unspecified < 1.7.85.12 | affected |
Weaknesses
- CWE-285: CWE-285: Improper Authorization
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.