CVE-2020-21989

EPSS 0.17% · P38 Updated Feb 24, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2020-21989

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

HomeAutomation 3.3.2 is affected by Cross Site Request Forgery (CSRF). The application interface allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with administrative privileges if a logged-in user visits a malicious web site.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Subreddit Home Automation 跨站请求伪造漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Subreddit Home Automation是Subreddit社区的一个自动化设备。一个自动化电灯。 HomeAutomation 3.3.2 版本存在跨站请求伪造漏洞，该漏洞允许用户通过HTTP请求执行某些操作，而无需执行任何有效性检查来验证请求。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2020-21989

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2020-21989

请登录查看更多情报信息。

Zero Science Lab » HomeAutomation v3.3.2 CSRF Add Admin Exploitx_refsource_MISC
https://www.exploit-db.com/exploits/47808exploitx_refsource_EXPLOIT-DB
https://nvd.nist.gov/vuln/detail/CVE-2020-21989

Same Patch Batch · n/a · 2021-04-27 · 27 CVEs total

CVE-2019-25033		Unbound 输入验证错误漏洞
CVE-2021-31671		pgsync 安全漏洞
CVE-2021-30635		Sonatype Nexus Repository Manager IQ 路径遍历漏洞
CVE-2021-31826		Shibboleth 代码问题漏洞
CVE-2019-25042		Unbound 缓冲区错误漏洞
CVE-2019-25041		Unbound 安全漏洞
CVE-2019-25040		Unbound 安全漏洞
CVE-2019-25039		Unbound 输入验证错误漏洞
CVE-2019-25038		Unbound 输入验证错误漏洞
CVE-2019-25037		Unbound 安全漏洞
CVE-2019-25036		Unbound 安全漏洞
CVE-2019-25035		Unbound 缓冲区错误漏洞
CVE-2019-25034		Unbound 输入验证错误漏洞
CVE-2020-22001		Subreddit Home Automation 授权问题漏洞
CVE-2019-25032		Unbound 输入验证错误漏洞
CVE-2019-25031		Unbound 注入漏洞
CVE-2020-35542		Unisys Data Exchange Management Studio 跨站脚本漏洞
CVE-2021-27480		Delta Industrial Automation COMMGR 安全漏洞
CVE-2021-22660		Delta Electronics CNCSoft-B 缓冲区错误漏洞
CVE-2021-22664		Delta Electronics CNCSoft-B 缓冲区错误漏洞

Showing top 20 of 27 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2020-21989

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2020-21989

I. Basic Information for CVE-2020-21989

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2020-21989

III. Intelligence Information for CVE-2020-21989

Same Patch Batch · n/a · 2021-04-27 · 27 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2020-21989

Leave a comment