CVE-2020-22001

Published: 2021-04-27T18:15Z

Last Modified: 2024-11-21T05:13Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

HomeAutomation 3.3.2 suffers from an authentication bypass vulnerability when spoofing client IP address using the X-Forwarded-For header with the local (loopback) IP address value allowing remote control of the smart home solution. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt