Local File Inclusion Vulnerability in SmartThings (prior to version 1.7.67.25) Allows Untrusted Applications to Access Webview

Local File Inclusion Vulnerability in SmartThings (prior to version 1.7.67.25) Allows Untrusted Applications to Access Webview

CVE-2021-25447 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Improper access control vulnerability in SmartThings prior to version 1.7.67.25 allows untrusted applications to cause local file inclusion in webview.

Learn more about our Web App Pen Testing.