Unrated severityNVD Advisory· Published Jan 21, 2021· Updated Aug 3, 2024
CVE-2021-3152
CVE-2021-3152
Description
Home Assistant before 2021.1.3 does not have a protection layer that can help to prevent directory-traversal attacks against custom integrations. NOTE: the vendor's perspective is that the vulnerability itself is in custom integrations written by third parties, not in Home Assistant; however, Home Assistant does have a security update that is worthwhile in addressing this situation
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Home Assistant/Home Assistantdescription
- Range: < 2021.1.3
Patches
Vulnerability mechanics
References
2- www.home-assistant.io/blog/2021/01/14/security-bulletin/mitrex_refsource_CONFIRM
- www.home-assistant.io/blog/2021/01/22/security-disclosure/mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.