Homeseer » Homeseer Hs2 : Security Vulnerabilities, CVEs,
Cross-site request forgery (CSRF) vulnerability in /ctrl in the web interface in HomeSeer HS2 2.5.0.20 allows remote attackers to hijack the authentication of admins for requests that execute arbitrary programs.
Max CVSS
6.8
EPSS Score
0.07%
Published
2011-12-15
Updated
2011-12-15
Cross-site scripting (XSS) vulnerability in the web interface in HomeSeer HS2 2.5.0.20 allows remote attackers to inject arbitrary web script or HTML via a request for a crafted URI.
Max CVSS
4.3
EPSS Score
0.14%
Published
2011-12-15
Updated
2011-12-15
Directory traversal vulnerability in the web interface in HomeSeer HS2 2.5.0.20 allows remote attackers to access arbitrary files via unspecified vectors.
Max CVSS
7.5
EPSS Score
0.26%
Published
2011-12-15
Updated
2011-12-15
3 vulnerabilities found