CVE-2021-25447
published 2021-08-05CVE-2021-25447: Improper access control vulnerability in SmartThings prior to version 1.7.67.25 allows untrusted applications to cause local file inclusion in webview.
medium5.3CVSS 3.1
AVNACLPRNUINSUCNILAN
Improper access control vulnerability in SmartThings prior to version 1.7.67.25 allows untrusted applications to cause local file inclusion in webview.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| samsung | smartthings_firmware | < 1.7.67.25 | 1.7.67.25 |
| samsung_mobile | smart_things | >= - < 1.7.67.25 | 1.7.67.25 |