Skip to main content

Lightify Home

4 CVEs product

Monthly

CVE-2016-5054 HIGH POC This Week

OSRAM SYLVANIA Osram Lightify Home through 2016-07-26 allows Zigbee replay. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Lightify Home
NVD
CVSS 3.0
7.5
EPSS
0.3%
CVE-2016-5053 CRITICAL POC Act Now

OSRAM SYLVANIA Osram Lightify Home before 2016-07-26 allows remote attackers to execute arbitrary commands via TCP port 4000. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Lightify Home
NVD
CVSS 3.0
9.8
EPSS
2.0%
CVE-2016-5052 HIGH POC This Week

OSRAM SYLVANIA Osram Lightify Home through 2016-07-26 does not use SSL pinning. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Lightify Home
NVD
CVSS 3.0
7.5
EPSS
0.5%
CVE-2016-5051 HIGH POC This Week

OSRAM SYLVANIA Osram Lightify Home before 2016-07-26 stores a PSK in cleartext under /private/var/mobile/Containers/Data/Application. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Lightify Home
NVD
CVSS 3.0
7.5
EPSS
0.5%
EPSS 0% CVSS 7.5
HIGH POC This Week

OSRAM SYLVANIA Osram Lightify Home through 2016-07-26 allows Zigbee replay. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Lightify Home
NVD
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

OSRAM SYLVANIA Osram Lightify Home before 2016-07-26 allows remote attackers to execute arbitrary commands via TCP port 4000. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Lightify Home
NVD
EPSS 0% CVSS 7.5
HIGH POC This Week

OSRAM SYLVANIA Osram Lightify Home through 2016-07-26 does not use SSL pinning. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Lightify Home
NVD
EPSS 0% CVSS 7.5
HIGH POC This Week

OSRAM SYLVANIA Osram Lightify Home before 2016-07-26 stores a PSK in cleartext under /private/var/mobile/Containers/Data/Application. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Lightify Home
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy