{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-28T05:13:51.064","vulnerabilities":[{"cve":{"id":"CVE-2018-15723","sourceIdentifier":"vulnreport@tenable.com","published":"2018-12-20T21:29:00.777","lastModified":"2026-06-17T01:43:00.380","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The Logitech Harmony Hub before version 4.15.206 is vulnerable to application level command injection via crafted HTTP request. An unauthenticated remote attacker can leverage this vulnerability to execute application defined commands (e.g. harmony.system?systeminfo)."},{"lang":"es","value":"Logitech Harmony Hub, en versiones anteriores a la 4.15.206, es vulnerable a una inyección de comandos a nivel de aplicación mediante una petición HTTP manipulada. Un atacante remoto no autenticado puede aprovechar esta vulnerabilidad para ejecutar comandos definidos por la aplicación (por ejemplo, harmony.system?systeminfo)."}],"affected":[{"source":"vulnreport@tenable.com","affectedData":[{"vendor":"Logitech","product":"Logitech Harmony Hub","versions":[{"version":"Firmware before 4.15.206","status":"affected"}]}]}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"vulnreport@tenable.com","type":"Secondary","description":[{"lang":"en","value":"CWE-346"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:logitech:harmony_hub_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"4.15.206","matchCriteriaId":"B1A7B59C-D2E9-4A22-9BFC-1B51E310C2B7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:logitech:harmony_hub:-:*:*:*:*:*:*:*","matchCriteriaId":"BDBF64B5-F971-4A8F-A76B-A5DF75D23DF5"}]}]}],"references":[{"url":"https://www.tenable.com/security/research/tra-2018-47","source":"vulnreport@tenable.com","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.tenable.com/security/research/tra-2018-47","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}}]}