CVE-2018-3909

CWE-444 — HTTP Request Smuggling3 documents3 sources

Severity

8.6HIGH

EPSS

0.4%

top 37.89%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Talos Samsung Samsung Sth-eth-250 Firmware

Timeline

PublishedAug 24

Latest updateMay 13

Description

An exploitable vulnerability exists in the REST parser of video-core's HTTP server of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The video-core process incorrectly handles pipelined HTTP requests, which allows successive requests to overwrite the previously parsed HTTP method, 'onmessagecomplete' callback. An attacker can send an HTTP request to trigger this vulnerability.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:NExploitability: 3.9 | Impact: 4.0

Affected Packages2 packages

▶NVDsamsung/sth-eth-250_firmware0.20.17

▶CVEListV5talos/samsungSamsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17

🔴Vulnerability Details

GHSA

GHSA-59hg-jxh2-2qg8: An exploitable vulnerability exists in the REST parser of video-core's HTTP server of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0↗2022-05-13

▶

CVEList

CVE-2018-3909: An exploitable vulnerability exists in the REST parser of video-core's HTTP server of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0↗2018-08-24

▶