Vulnerability in Samsung

CVE-2018-3911

An exploitable HTTP header injection vulnerability exists in the remote servers of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The hubCore process listens on port 39500 and relays any unauthenticated message to SmartThi…

EPSS: 0.012 (65.0th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.6 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N.

Affected products

Weakness classification (CWE)

References

Frequently asked questions

What is CVE-2018-3911?
CVE-2018-3911 is a high-severity vulnerability in Samsung, classified under HTTP Response Splitting. CVSS score: 8.6/10. Published 2018-08-23.
How severe is CVE-2018-3911?
High severity. CVSS v3 base score is 8.6 out of 10.