OS Command Injection in Logitech Harmony Hub

OS Command Injection in Logitech Harmony Hub

CVE-2018-15722 · HIGH Severity

AV:N/AC:M/AU:N/C:C/I:C/A:C

The Logitech Harmony Hub before version 4.15.206 is vulnerable to OS command injection via the time update request. A remote server or man in the middle can inject OS commands with a properly formatted response.

Learn more about our Cis Benchmark Audit For Server Software.