Logitech Harmony Hub Command Injection Vulnerability
CVE-2018-15723 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
The Logitech Harmony Hub before version 4.15.206 is vulnerable to application level command injection via crafted HTTP request. An unauthenticated remote attacker can leverage this vulnerability to execute application defined commands (e.g. harmony.system?systeminfo).
Learn more about our Web Application Penetration Testing UK.