VYPR
Vendor

Thrive

Products
1
CVEs
4
Across products
4
Status
Private

Products

1

Recent CVEs

4
  • CVE-2021-47710HigDec 9, 2025
    risk 0.57cvss epss 0.00

    COMMAX Smart Home System is a smart IoT home solution that allows an unauthenticated attacker to disclose RTSP credentials in plain-text by exploiting the /overview.asp endpoint. Attackers can access sensitive information, including login credentials and DVR settings, by…

  • CVE-2021-47709HigDec 9, 2025
    risk 0.57cvss epss 0.00

    COMMAX Smart Home System allows an unauthenticated attacker to change configuration and cause denial-of-service through the setconf endpoint. Attackers can trigger a denial-of-service scenario by sending a malformed request to the setconf endpoint.

  • CVE-2024-48544HigOct 24, 2024
    risk 0.55cvss 8.4epss 0.00

    Incorrect access control in the firmware update and download processes of Sylvania Smart Home v3.0.3 allows attackers to access sensitive information by analyzing the code and data within the APK file.

  • CVE-2019-25325HigFeb 12, 2026
    risk 0.53cvss 8.2epss 0.00

    Thrive Smart Home 1.1 contains an SQL injection vulnerability in the checklogin.php endpoint that allows unauthenticated attackers to bypass authentication by manipulating the 'user' POST parameter. Attackers can inject malicious SQL code like ' or 1=1# to manipulate login…