Shodan
Vulnerabilities
Vulnerable Software
Logitech:  Security Vulnerabilities
CVE-2021-20638
LOGITEC LAN-W300N/PGRB allows an attacker with administrative privilege to execute arbitrary OS commands via unspecified vectors.
CVSS Score
6.8
EPSS Score
0.003
Published
2021-02-12
CVE-2021-20639
LOGITEC LAN-W300N/PGRB allows an attacker with administrative privilege to execute arbitrary OS commands via unspecified vectors.
CVSS Score
6.8
EPSS Score
0.003
Published
2021-02-12
CVE-2021-20640
Buffer overflow vulnerability in LOGITEC LAN-W300N/PGRB allows an attacker with administrative privilege to execute an arbitrary OS command via unspecified vectors.
CVSS Score
6.8
EPSS Score
0.001
Published
2021-02-12
CVE-2021-20641
Cross-site request forgery (CSRF) vulnerability in LOGITEC LAN-W300N/RS allows remote attackers to hijack the authentication of administrators via a specially crafted URL. As a result, unintended operations to the device such as changes of the device settings may be conducted.
CVSS Score
6.5
EPSS Score
0.001
Published
2021-02-12
CVE-2021-20642
Improper check or handling of exceptional conditions in LOGITEC LAN-W300N/RS allows a remote attacker to cause a denial-of-service (DoS) condition by sending a specially crafted URL.
CVSS Score
6.5
EPSS Score
0.004
Published
2021-02-12
CVE-2016-10761
Logitech Unifying devices before 2016-02-26 allow keystroke injection, bypassing encryption, aka MouseJack.
CVSS Score
6.5
EPSS Score
0.0
Published
2019-06-29
CVE-2019-13052
Logitech Unifying devices allow live decryption if the pairing of a keyboard to a receiver is sniffed.
CVSS Score
6.5
EPSS Score
0.001
Published
2019-06-29
CVE-2019-13053
Logitech Unifying devices allow keystroke injection, bypassing encryption. The attacker must press a "magic" key combination while sniffing cryptographic data from a Radio Frequency transmission. NOTE: this issue exists because of an incomplete fix for CVE-2016-10761.
CVSS Score
6.5
EPSS Score
0.0
Published
2019-06-29
CVE-2019-13054
The Logitech R500 presentation clicker allows attackers to determine the AES key, leading to keystroke injection. On Windows, any text may be injected by using ALT+NUMPAD input to bypass the restriction on the characters A through Z.
CVSS Score
6.5
EPSS Score
0.001
Published
2019-06-29
CVE-2019-13055
Certain Logitech Unifying devices allow attackers to dump AES keys and addresses, leading to the capability of live decryption of Radio Frequency transmissions, as demonstrated by an attack against a Logitech K360 keyboard.
CVSS Score
6.5
EPSS Score
0.002
Published
2019-06-29


Products
Pricing
Contact Us

Shodan ® - All rights reserved