Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An exploitable vulnerability exists in the REST parser of video-core's HTTP server of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The video-core process incorrectly handles pipelined HTTP requests, which allows successive requests to overwrite the previously parsed HTTP method, 'on_url' callback. An attacker can send an HTTP request to trigger this vulnerability.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Samsung SmartThings Hub video-core HTTP服务器安全漏洞
Vulnerability Description
Samsung SmartThings Hub是韩国三星(Samsung)公司的一款智能家居管理设备。video-core HTTP server是其中的一个HTTP服务器。 使用0.20.17版本固件的Samsung SmartThings Hub中的video-core HTTP服务器的REST解析器存在安全漏洞,该漏洞源于程序没有正确的处理管道化的请求。攻击者通过发送HTTP请求利用该漏洞覆盖之前解析的HTTP方法。
CVSS Information
N/A
Vulnerability Type
N/A