### [CVE-2021-25404](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25404)
![](https://img.shields.io/static/v1?label=Product&message=SmartThings&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=unspecified%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-922%3A%20Insecure%20Storage%20of%20Sensitive%20Information&color=brightgreen)

### Description

Information Exposure vulnerability in SmartThings prior to version 1.7.64.21 allows attacker to access user information via log.

### POC

#### Reference
- https://security.samsungmobile.com/serviceWeb.smsb?year=2021&month=5

#### Github
No PoCs found on GitHub currently.