CVE-2022-30746
published 2022-06-07CVE-2022-30746: Missing caller check in Smart Things prior to version 1.7.85.12 allows attacker to access senstive information remotely using javascript interface API.
high7.5CVSS 3.1
AVNACLPRNUINSUCHINAN
Missing caller check in Smart Things prior to version 1.7.85.12 allows attacker to access senstive information remotely using javascript interface API.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| samsung | smartthings | < 1.7.85.12 | 1.7.85.12 |
| samsung_mobile | smart_things | >= unspecified < 1.7.85.12 | 1.7.85.12 |