Homeseer Hs2 vulnerabilities
3 known vulnerabilities affecting homeseer/homeseer_hs2.
Total CVEs
3
CISA KEV
0
Public exploits
3
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2011-4835P3HIGHCVSS 7.5PoCv2.5.0.202011-12-15
CVE-2011-4835 [HIGH] CWE-22 CVE-2011-4835: Directory traversal vulnerability in the web interface in HomeSeer HS2 2.5.0.20 allows remote attack
Directory traversal vulnerability in the web interface in HomeSeer HS2 2.5.0.20 allows remote attackers to access arbitrary files via unspecified vectors.
nvd
CVE-2011-4837P4MEDIUMCVSS 6.8PoCv2.5.0.202011-12-15
CVE-2011-4837 [MEDIUM] CWE-352 CVE-2011-4837: Cross-site request forgery (CSRF) vulnerability in /ctrl in the web interface in HomeSeer HS2 2.5.0.
Cross-site request forgery (CSRF) vulnerability in /ctrl in the web interface in HomeSeer HS2 2.5.0.20 allows remote attackers to hijack the authentication of admins for requests that execute arbitrary programs.
nvd
CVE-2011-4836P4MEDIUMCVSS 4.3PoCv2.5.0.202011-12-15
CVE-2011-4836 [MEDIUM] CWE-79 CVE-2011-4836: Cross-site scripting (XSS) vulnerability in the web interface in HomeSeer HS2 2.5.0.20 allows remote
Cross-site scripting (XSS) vulnerability in the web interface in HomeSeer HS2 2.5.0.20 allows remote attackers to inject arbitrary web script or HTML via a request for a crafted URI.
nvd