Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An exploitable vulnerability exists in the smart cameras RTSP configuration of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The device incorrectly handles spaces in the URL field, leading to an arbitrary operating system command injection. An attacker can send a series of HTTP requests to trigger this vulnerability.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Samsung SmartThings Hub 命令注入漏洞
Vulnerability Description
Samsung SmartThings Hub是韩国三星(Samsung)公司的一款智能家居管理设备。 使用0.20.17版本固件的Samsung SmartThings Hub中的智能摄像头RTSP配置存在命令注入漏洞,该漏洞源于程序错误地处理了URL字段中的空格。攻击者可通过发送一系列HTTP请求利用该漏洞执行任意的shell命令。
CVSS Information
N/A
Vulnerability Type
N/A