CVE-2021-47942

HIGH

Home Assistant Community Store 1.10.0 Path Traversal Account Takeover

Title source: cna

Exploitation Summary

EIP tracks 1 public exploit for CVE-2021-47942. PoCs published by Lyghtnox.

AI-analyzed exploit summary This exploit leverages a path traversal vulnerability in Home Assistant Community Store (HACS) to access sensitive files (e.g., `.storage/auth`) and craft a valid JWT token for admin access. The PoC demonstrates the vulnerability by retrieving user data and generating a token that can be used to take over an account.

Description

Home Assistant Community Store (HACS) prior to 1.10.0 contains a path traversal vulnerability that allows unauthenticated attackers to read sensitive files by traversing directories via the /hacsfiles/ endpoint. Attackers can retrieve the .storage/auth file containing user credentials and refresh tokens, then craft valid JWT tokens to gain administrative access to Home Assistant instances.

Exploits (1)

exploitdb WORKING POC

by Lyghtnox · pythonwebappspython

https://www.exploit-db.com/exploits/49495

View Code ZIP pw:eip

This exploit leverages a path traversal vulnerability in Home Assistant Community Store (HACS) to access sensitive files (e.g., `.storage/auth`) and craft a valid JWT token for admin access. The PoC demonstrates the vulnerability by retrieving user data and generating a token that can be used to take over an account.

Classification

Working Poc 100%

Attack Type

Auth Bypass

Complexity

Moderate

Reliability

Reliable

Target: Home Assistant Community Store (HACS) < 1.10.0

No auth needed

Prerequisites: Network access to the target Home Assistant instance · HACS installed and vulnerable version running

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1078 - Valid Accounts

devstral-2 · analyzed May 16, 2026 Full analysis →

References (4)

Core 4

Core References

Exploit exploit

ExploitDB-49495

https://www.exploit-db.com/exploits/49495

Product product

Official Product Homepage

https://www.home-assistant.io/

Product product

Product Reference

https://github.com/hacs/integration

Third Party Advisory third-party-advisory

VulnCheck Advisory: Home Assistant Community Store 1.10.0 Path Traversal Account Takeover

https://www.vulncheck.com/advisories/home-assistant-community-store-path-traversal-account-takeover

Scores

CVSS v3 7.5

EPSS 0.0050

EPSS Percentile 38.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation poc

Automatable yes

Technical Impact partial

Details

CWE

CWE-22

Status published

Products (2)

hacs/home_assistant_community_store < 1.10.0

Home-Assistant/Home Assistant Community Store (HACS) < 1.10.0

Published May 16, 2026

Tracked Since May 16, 2026