CNNVD-202601-3467 Information

CNNVD ID

CNNVD-202601-3467

Related CVE

CVE-2026-1201

• CNNVD Published: 2026-01-22

Description (Chinese)

Hubitat Elevation是Hubitat公司的一个本地化智能家居控制中心。 Hubitat Elevation 2.4.2.157之前版本存在安全漏洞，该漏洞源于用户可控密钥导致授权绕过，可能导致远程认证用户通过客户端请求操作控制其授权范围外的连接设备。

Description (English)

Hubitat Elevation is a local smart home control centre for Hubitat. The previous version of Hubitat Elevation 2.4.2.157 had a security loophole, which stemmed from a user-controlled key that led to the circumvention of the authorization, which could lead to remote authentication of the user ’ s request to operate to control the connection outside its authorized area.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

Hubitat

Published

2026-01-22

Last Modified

2026-02-24

References

https://www.cisa.gov/news-events/ics-advisories/icsa-26-022-06 https://access.redhat.com/security/cve/cve-2026-1201

Patch

https://hubitat.com/