CNNVD-202601-1036 Information

Jan 06, 2026 cve

CNNVD ID

CNNVD-202601-1036

CVE-2020-36905

CNNVD Published: 2026-01-06

Description (Chinese)

FIBARO System Home Center是波兰FIBARO公司的一系列智能家居核心中控主机。 FIBARO System Home Center 5.021版本存在安全漏洞，该漏洞源于未记录的代理API存在远程文件包含漏洞，可能导致注入恶意脚本并劫持用户会话或操纵页面内容。

Description (English)

FIBARO System Home Center is the central host of a series of intelligent households in Poland. FIBARO System Home Center 5.021 has a security loophole, which stems from an unrecorded agent API having a remote file containing a loophole that could lead to the injection of malicious scripts and the hijacking of user sessions or manipulation of page content.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

FIBARO

Published

2026-01-06

Last Modified

2026-02-24

References

https://cxsecurity.com/issue/WLB-2020030140 https://exchange.xforce.ibmcloud.com/vulnerabilities/178269 https://packetstorm.news/files/id/156869 https://www.exploit-db.com/exploits/48240 https://www.fibaro.com https://www.vulncheck.com/advisories/fibaro-system-home-center-remote-file-inclusion-via-proxy-api https://www.zeroscience.mk/en/vulnerabilities/ZSL-2020-5563.php

Share on: