Arbitrary Device Addition Vulnerability in Smart Things Prior to 1.7.85.25

Arbitrary Device Addition Vulnerability in Smart Things Prior to 1.7.85.25

CVE-2022-30749 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Improper access control vulnerability in Smart Things prior to 1.7.85.25 allows local attackers to add arbitrary smart devices by bypassing login activity.

Learn more about our Web Application Penetration Testing UK.