Logitech : Security Vulnerabilities, CVEs, (Gain Privilege)
An issue was discovered in Logitech Options. The OAuth 2.0 state parameter was not properly validated. This leaves applications vulnerable to CSRF attacks during authentication and authorization operations.
Max CVSS
8.8
EPSS Score
0.08%
Published
2022-05-03
Updated
2022-05-10
The XMPP server in Logitech Harmony Hub before version 4.15.206 is vulnerable to authentication bypass via a crafted XMPP request. Remote attackers can use this vulnerability to gain access to the local API.
Max CVSS
9.8
EPSS Score
1.20%
Published
2018-12-20
Updated
2019-10-09
2 vulnerabilities found