Samsung Sth-eth-250 Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Samsung Sth-eth-250 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (40)
CVE-2018-3907 — CVSS 10.0 (critical): An exploitable vulnerability exists in the REST parser of video-core's HTTP server of the Samsung SmartThings Hub STH-ETH-250 - Firmware…
CVE-2018-3863 — CVSS 9.9 (critical): On Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17, the video-core process incorrectly extracts fields from a…
CVE-2018-3856 — CVSS 9.9 (critical): An exploitable vulnerability exists in the smart cameras RTSP configuration of the Samsung SmartThings Hub STH-ETH-250 - Firmware version…
CVE-2018-3866 — CVSS 9.9 (critical): An exploitable buffer overflow vulnerability exists in the samsungWifiScan handler of video-core's HTTP server of Samsung SmartThings Hub…
CVE-2018-3867 — CVSS 9.9 (critical): An exploitable stack-based buffer overflow vulnerability exists in the samsungWifiScan callback notification of video-core's HTTP server of…
CVE-2018-3872 — CVSS 9.9 (critical): An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub…
CVE-2018-3873 — CVSS 9.9 (critical): An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub…
CVE-2018-3874 — CVSS 9.9 (critical): An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub…
CVE-2018-3875 — CVSS 9.9 (critical): An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub…
CVE-2018-3877 — CVSS 9.9 (critical): An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub…
CVE-2018-3878 — CVSS 9.9 (critical): Multiple exploitable buffer overflow vulnerabilities exist in the credentials handler of video-core's HTTP server of Samsung SmartThings…
CVE-2018-3880 — CVSS 9.9 (critical): An exploitable stack-based buffer overflow vulnerability exists in the database 'find-by-cameraId' functionality of video-core's HTTP…
CVE-2018-3902 — CVSS 9.9 (critical): An exploitable buffer overflow vulnerability exists in the camera "replace" feature of video-core's HTTP server of Samsung SmartThings Hub…
CVE-2018-3903 — CVSS 9.9 (critical): On Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17, the video-core process incorrectly extracts fields from a…
CVE-2018-3904 — CVSS 9.9 (critical): An exploitable buffer overflow vulnerability exists in the camera 'update' feature of video-core's HTTP server of Samsung SmartThings Hub…
CVE-2018-3905 — CVSS 9.9 (critical): An exploitable buffer overflow vulnerability exists in the camera "create" feature of video-core's HTTP server of Samsung SmartThings Hub…
CVE-2018-3917 — CVSS 9.9 (critical): On Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17, the video-core process insecurely extracts the fields from…
CVE-2018-3919 — CVSS 9.9 (critical): An exploitable stack-based buffer overflow vulnerability exists in the retrieval of database fields in video-core's HTTP server of Samsung…
CVE-2018-3896 — CVSS 8.8 (high): An exploitable buffer overflow vulnerabilities exist in the /cameras/XXXX/clips handler of video-core's HTTP server of Samsung SmartThings…
CVE-2018-3897 — CVSS 8.8 (high): An exploitable buffer overflow vulnerabilities exist in the /cameras/XXXX/clips handler of video-core's HTTP server of Samsung SmartThings…
CVE-2018-3865 — CVSS 8.8 (high): An exploitable buffer overflow vulnerability exists in the Samsung WifiScan handler of video-core's HTTP server of Samsung SmartThings Hub…
CVE-2018-3864 — CVSS 8.8 (high): An exploitable buffer overflow vulnerability exists in the Samsung WifiScan handler of video-core's HTTP server of Samsung SmartThings Hub…
CVE-2018-3876 — CVSS 8.8 (high): An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub…
CVE-2018-3879 — CVSS 8.8 (high): An exploitable JSON injection vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub…
CVE-2018-3893 — CVSS 8.8 (high): An exploitable buffer overflow vulnerability exists in the /cameras/XXXX/clips handler of video-core's HTTP server of Samsung SmartThings…
CVE-2018-3894 — CVSS 8.8 (high): An exploitable buffer overflow vulnerability exists in the /cameras/XXXX/clips handler of video-core's HTTP server of Samsung SmartThings…
CVE-2018-3895 — CVSS 8.8 (high): An exploitable buffer overflow vulnerability exists in the /cameras/XXXX/clips handler of video-core's HTTP server of Samsung SmartThings…
CVE-2018-3909 — CVSS 8.6 (high): An exploitable vulnerability exists in the REST parser of video-core's HTTP server of the Samsung SmartThings Hub STH-ETH-250 - Firmware…
CVE-2018-3911 — CVSS 8.6 (high): An exploitable HTTP header injection vulnerability exists in the remote servers of Samsung SmartThings Hub STH-ETH-250 - Firmware version…
CVE-2018-3925 — CVSS 8.5 (high): An exploitable buffer overflow vulnerability exists in the remote video-host communication of video-core's HTTP server of Samsung…
CVE-2018-3915 — CVSS 8.2 (high): An exploitable stack-based buffer overflow vulnerability exists in the retrieval of database fields in the video-core HTTP server of the…
CVE-2018-3906 — CVSS 8.2 (high): An exploitable stack-based buffer overflow vulnerability exists in the retrieval of a database field in video-core's HTTP server of Samsung…
CVE-2018-3916 — CVSS 7.8 (high): An exploitable stack-based buffer overflow vulnerability exists in the retrieval of database fields in the video-core HTTP server of the…
CVE-2018-3914 — CVSS 7.8 (high): An exploitable stack-based buffer overflow vulnerability exists in the retrieval of database fields in the video-core HTTP server of the…
CVE-2018-3912 — CVSS 7.8 (high): On Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17, the video-core process insecurely extracts the fields from…
CVE-2018-3908 — CVSS 7.5 (high): An exploitable vulnerability exists in the REST parser of video-core's HTTP server of the Samsung SmartThings Hub STH-ETH-250-Firmware…
CVE-2018-3918 — CVSS 7.5 (high): An exploitable vulnerability exists in the remote servers of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The hubCore…
CVE-2018-3927 — CVSS 6.8 (medium): An exploitable information disclosure vulnerability exists in the crash handler of the hubCore binary of the Samsung SmartThings Hub…
CVE-2018-3913 — CVSS 6.7 (medium): An exploitable stack-based buffer overflow vulnerability exists in the retrieval of database fields in the video-core HTTP server of the…
CVE-2018-3926 — CVSS 5.5 (medium): An exploitable integer underflow vulnerability exists in the ZigBee firmware update routine of the hubCore binary of the Samsung…