VYPR

Smart Things

by Samsung Mobile

CVEs (3)

  • CVE-2022-30746HigJun 7, 2022
    risk 0.49cvss 7.5epss 0.01

    Missing caller check in Smart Things prior to version 1.7.85.12 allows attacker to access senstive information remotely using javascript interface API.

  • CVE-2022-30747MedJun 7, 2022
    risk 0.36cvss 5.5epss 0.00

    PendingIntent hijacking vulnerability in Smart Things prior to 1.7.85.25 allows local attackers to access files without permission via implicit Intent.

  • CVE-2023-21432MedFeb 9, 2023
    risk 0.27cvss 4.2epss 0.00

    Improper access control vulnerabilities in Smart Things prior to 1.7.93 allows to attacker to invite others without authorization of the owner.