Skip to main content

Home Firmware

2 CVEs product

Monthly

CVE-2023-48419 CRITICAL Act Now

An attacker in the wifi vicinity of a target Google Home can spy on the victim, resulting in Elevation of Privilege. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Google Nest Audio Firmware Nest Mini Firmware Home Mini Firmware +1
NVD
CVSS 3.1
10.0
EPSS
0.0%
CVE-2018-12716 MEDIUM This Month

The API service on Google Home and Chromecast devices before mid-July 2018 does not prevent DNS rebinding attacks from reading the scan_results JSON data, which allows remote attackers to determine. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Google Information Disclosure Chromecast Firmware Home Firmware
NVD
CVSS 3.0
4.3
EPSS
0.7%
EPSS 0% CVSS 10.0
CRITICAL Act Now

An attacker in the wifi vicinity of a target Google Home can spy on the victim, resulting in Elevation of Privilege. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Google Nest Audio Firmware +3
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

The API service on Google Home and Chromecast devices before mid-July 2018 does not prevent DNS rebinding attacks from reading the scan_results JSON data, which allows remote attackers to determine. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Google Information Disclosure Chromecast Firmware +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy