Security Advisory

CVE-2018-3856

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2018-08-23 22:00:00

Last updated 2024-09-16 17:52:57

Assigner talos

State PUBLISHED

Description

An exploitable vulnerability exists in the smart cameras RTSP configuration of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The device incorrectly handles spaces in the URL field, leading to an arbitrary operating system command injection. An attacker can send a series of HTTP requests to trigger this vulnerability.

← Browse all CVEs View on cve.org ↗