Hard-coded Account Vulnerability in Logitech Harmony Hub

Hard-coded Account Vulnerability in Logitech Harmony Hub

CVE-2018-15720 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Logitech Harmony Hub before version 4.15.206 contained two hard-coded accounts in the XMPP server that gave remote users access to the local API.

Learn more about our Cis Benchmark Audit For Server Software.