Vulnerabilities in Logitech
10 resultsCVE-2018-15723—The Logitech Harmony Hub before version 4.15.206 is vulnerable to application level command injection via crafted HTTP request. An unauthentEPSS 3.7%CVE-2018-15721—The XMPP server in Logitech Harmony Hub before version 4.15.206 is vulnerable to authentication bypass via a crafted XMPP request. Remote atEPSS 1.8%CVE-2018-15722—The Logitech Harmony Hub before version 4.15.206 is vulnerable to OS command injection via the time update request. A remote server or man iEPSS 1.6%CVE-2018-15720—Logitech Harmony Hub before version 4.15.206 contained two hard-coded accounts in the XMPP server that gave remote users access to the localEPSS 1.5%CVE-2022-0916HIGHBroken authentication on Logitech Options due to misvalidation of Oauth state parameterEPSS 0.4%CVE-2024-8258LOWInsecure Electron Fuses in Logitech Options Plus Allowing Arbitrary Code Execution on macOSEPSS 0.4%CVE-2024-2537MEDIUMElectron Code Injection in Logi Tune macOS ApplicationEPSS 0.3%CVE-2024-4031MEDIUMMEVO WEBCAM APP Windows Unquoted Service Path VulnerabilityEPSS 0.2%CVE-2022-0915MEDIUMLogitech Sync desktop application prior to 2.4.574 - TOCTOU during installation leads to privelege escalationEPSS 0.2%CVE-2024-8011LOWLogitech Options+ on MacOS prior 1.72 allows a local attacker to inject dynamic library within Options+ runtime and abuse permissions granteEPSS 0.1%