Your browser does not seem to support JavaScript. As a result, your viewing experience will be diminished, and you may not be able to execute some actions.

Please download a browser that supports JavaScript, or enable it if it's disabled (i.e. NoScript).

Security vulnerabilities in Home Assistant & custom integrations

BearWithBeard last edited by

I know that some folks in here are using Home Assistant, but they may not all be visiting the HA website regularly. So I thought I'd share this info here.

They have published two security disclosures recently, informing us about security vulnerabilities found in third party integrations (including HACS, commonly used to integrate Alexa and such), which allowed an attacker to access any file that is accessible by the Home Assistant process. Be sure to upgrade to Home Assistant Core 2021.1.5 or later and all custom integrations as soon as possible.

More details as well as (all?) affected custom integrations can be found in the Home Assistant blog.
Reply Quote 3
1 Reply Last reply

1
Posts

34
Views

Suggested Topics

Need some minor help with MQTT strings
Troubleshooting • mqtt relay home-assistant mosquitto binary • • drock1985

6

0
Votes

6
Posts

3547
Views

@drock1985 I guess your switch string should be as follows, #Switches (Lights) switch 1: platform: mqtt state_topic: "mygateway1-out/2/1/1/0/2" command_topic: "mygateway1-in/2/1/1/0/2" name: "test1" payload_on: "1" payload_off: "0"
Moving sensor from one network to another may cause conflict
Feature Requests • sensor security network • • iliak

1

0
Votes

1
Posts

1286
Views

No one has replied
fail presentation
Home Assistant • humidity home-assistant presentation • • Luc3as

7

0
Votes

7
Posts

2838
Views

@martinhjelmare Wow thank you so much. I've cleared the eeprom and now it gets node id 1. After removing the persistence file the sensor now shows on the web interface.
An HASS service to send messages to nodes
Home Assistant • home assistant home-assistant homeautomation • • xlcnd

22

0
Votes

22
Posts

5908
Views

Let me complete the example given for the node when you use V_IR_SEND. In order to send IR codes you need to transform the code in an unsigned long: char ircode[11] = {0}; // in case your code takes the form of 0xE0E0FF0F ... if (message.type == V_IR_SEND) { String hexstring = message.getString(); hexstring.toCharArray(ircode, sizeof(ircode)); ... // get the code as an unsigned long unsigned long code = strtoul(ircode, NULL, 0); // with IRLib send the code to TV sendSAMSUNG(code); ... Very simple, ** but is hard to find an example**!
Anti-theft Entrance Guard Alarm System Based on Arduino
My Project • arduino security • • Yeager Cade

1

1
Votes

1
Posts

1912
Views

No one has replied
💬 Aeos : a NRF52 versatile, up to 9in1, device
OpenHardware.io • temperature humidity motion nrf52 ble pressure air quality security accelerometer nfc weather door contact multisensors light lux microphone • • openhardware.io

51

4
Votes

51
Posts

15393
Views

@scalz May I request you to share your code for it please. Thanks

Security vulnerabilities in Home Assistant & custom integrations

Suggested Topics

Need some minor help with MQTT strings
Troubleshooting • mqtt relay home-assistant mosquitto binary • • drock1985

Moving sensor from one network to another may cause conflict
Feature Requests • sensor security network • • iliak

fail presentation
Home Assistant • humidity home-assistant presentation • • Luc3as

An HASS service to send messages to nodes
Home Assistant • home assistant home-assistant homeautomation • • xlcnd

Anti-theft Entrance Guard Alarm System Based on Arduino
My Project • arduino security • • Yeager Cade

💬 Aeos : a NRF52 versatile, up to 9in1, device
OpenHardware.io • temperature humidity motion nrf52 ble pressure air quality security accelerometer nfc weather door contact multisensors light lux microphone • • openhardware.io

9
Online

11.2k
Users

11.1k
Topics

112.5k
Posts

Security vulnerabilities in Home Assistant & custom integrations

Suggested Topics

Need some minor help with MQTT strings Troubleshooting • mqtt relay home-assistant mosquitto binary • • drock1985

Moving sensor from one network to another may cause conflict Feature Requests • sensor security network • • iliak

fail presentation Home Assistant • humidity home-assistant presentation • • Luc3as

An HASS service to send messages to nodes Home Assistant • home assistant home-assistant homeautomation • • xlcnd

Anti-theft Entrance Guard Alarm System Based on Arduino My Project • arduino security • • Yeager Cade

💬 Aeos : a NRF52 versatile, up to 9in1, device OpenHardware.io • temperature humidity motion nrf52 ble pressure air quality security accelerometer nfc weather door contact multisensors light lux microphone • • openhardware.io

9Online

11.2kUsers

11.1kTopics

112.5kPosts

Need some minor help with MQTT strings
Troubleshooting • mqtt relay home-assistant mosquitto binary • • drock1985

Moving sensor from one network to another may cause conflict
Feature Requests • sensor security network • • iliak

fail presentation
Home Assistant • humidity home-assistant presentation • • Luc3as

An HASS service to send messages to nodes
Home Assistant • home assistant home-assistant homeautomation • • xlcnd

Anti-theft Entrance Guard Alarm System Based on Arduino
My Project • arduino security • • Yeager Cade

💬 Aeos : a NRF52 versatile, up to 9in1, device
OpenHardware.io • temperature humidity motion nrf52 ble pressure air quality security accelerometer nfc weather door contact multisensors light lux microphone • • openhardware.io

9
Online

11.2k
Users

11.1k
Topics

112.5k
Posts