Skip to main content

Lightify Pro

5 CVEs product

Monthly

CVE-2016-5059 MEDIUM POC This Month

OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 allows attackers to obtain sensitive information by reading screenshots under /private/var/mobile/Containers/Data/Application. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Lightify Pro
NVD
CVSS 3.0
6.5
EPSS
0.2%
CVE-2016-5058 HIGH POC This Week

OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26 allows Zigbee replay. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Lightify Pro
NVD
CVSS 3.0
7.5
EPSS
0.3%
CVE-2016-5057 HIGH POC This Week

OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26 does not use SSL pinning. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Lightify Pro
NVD
CVSS 3.0
7.5
EPSS
0.3%
CVE-2016-5056 HIGH POC This Week

OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 uses only 8 hex digits for a PSK. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Lightify Pro
NVD
CVSS 3.0
7.5
EPSS
0.2%
CVE-2016-5055 MEDIUM POC This Month

OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 has XSS in the username field and Wireless Client Mode configuration page. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Lightify Pro
NVD
CVSS 3.0
6.1
EPSS
0.3%
EPSS 0% CVSS 6.5
MEDIUM POC This Month

OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 allows attackers to obtain sensitive information by reading screenshots under /private/var/mobile/Containers/Data/Application. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Lightify Pro
NVD
EPSS 0% CVSS 7.5
HIGH POC This Week

OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26 allows Zigbee replay. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Lightify Pro
NVD
EPSS 0% CVSS 7.5
HIGH POC This Week

OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26 does not use SSL pinning. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Lightify Pro
NVD
EPSS 0% CVSS 7.5
HIGH POC This Week

OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 uses only 8 hex digits for a PSK. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Lightify Pro
NVD
EPSS 0% CVSS 6.1
MEDIUM POC This Month

OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 has XSS in the username field and Wireless Client Mode configuration page. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Lightify Pro
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy