Vulners
Lucene search
CVE-2021-41292
šļøĀ 30 Sep 2021Ā 10:40:52Reported byĀ twcertTypeĀ 
Ā cvešĀ web.nvd.nist.govšĀ 52Ā Viewsš WEB
| Reporter | Title | Published | Views | Family All 8 |
|---|---|---|---|---|
 | CVE-2021-41292 | 30 Sep 202114:37 | ā | circl |
 | Ecoa Bas controller ęęé®é¢ę¼ę“ | 30 Sep 202100:00 | ā | cnnvd |
 | ECOA BAS controller authentication bypass vulnerability | 8 Oct 202100:00 | ā | cnvd |
 | CVE-2021-41292 ECOA BAS controller - Broken Authentication | 30 Sep 202110:40 | ā | cvelist |
 | EUVD-2021-28322 | 3 Oct 202520:07 | ā | euvd |
 | CVE-2021-41292 | 30 Sep 202111:15 | ā | nvd |
 | Authentication flaw | 30 Sep 202111:15 | ā | prion |
 | ECOA Building Automation System Cookie Poisoning Authentication Bypass | 8 Sep 202100:00 | ā | zeroscience |
Node
Node
Node
[
{
"product": "ECS Router Controller ECS (FLASH)",
"vendor": "ECOA",
"versions": [
{
"lessThan": "unspecified",
"status": "unknown",
"version": "next of 0",
"versionType": "custom"
}
]
},
{
"product": "RiskBuster Terminator E6L45",
"vendor": "ECOA",
"versions": [
{
"lessThan": "unspecified",
"status": "unknown",
"version": "next of 0",
"versionType": "custom"
}
]
},
{
"product": "RiskBuster System RB 3.0.0",
"vendor": "ECOA",
"versions": [
{
"lessThan": "unspecified",
"status": "unknown",
"version": "next of 0",
"versionType": "custom"
}
]
},
{
"product": "RiskBuster System TRANE 1.0",
"vendor": "ECOA",
"versions": [
{
"lessThan": "unspecified",
"status": "unknown",
"version": "next of 0",
"versionType": "custom"
}
]
},
{
"product": "Graphic Control Software",
"vendor": "ECOA",
"versions": [
{
"lessThan": "unspecified",
"status": "unknown",
"version": "next of 0",
"versionType": "custom"
}
]
},
{
"product": "SmartHome II E9246",
"vendor": "ECOA",
"versions": [
{
"lessThan": "unspecified",
"status": "unknown",
"version": "next of 0",
"versionType": "custom"
}
]
},
{
"product": "RiskTerminator",
"vendor": "ECOA",
"versions": [
{
"lessThan": "unspecified",
"status": "unknown",
"version": "next of 0",
"versionType": "custom"
}
]
}
]| Source | Link |
|---|---|
| twcert | www.twcert.org.tw/tw/cp-132-5128-b075a-1.html |
| Parameter | Position | Path | Description | CWE |
|---|---|---|---|---|
| fname | query param | /menu.jsp | Authentication bypass via cookie poisoning to bypass authentication and access sensitive information via menu.jsp vulnerability. | CWE-287,Ā CWE-288 |
| time | query param | /menu.jsp | Authentication bypass via cookie poisoning to bypass authentication and access sensitive information via menu.jsp vulnerability. | CWE-287,Ā CWE-288 |
Data
Build on a solid foundation withĀ Vulners data
WeĀ provide theĀ essential building blocks forĀ cybersecurity solutions withĀ comprehensive, structured, andĀ constantly updated vulnerability andĀ exploits data
Api
Power your application withĀ Vulners API
The Vulners REST API offers reliable, high-performance access toĀ vulnerabilityĀ intelligence, withĀ 99.9%Ā SLAĀ uptime andĀ CDN-backed data delivery forĀ seamlessĀ global access
App
Assess and manage vulnerabilities withĀ VulnersĀ tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
21 Nov 2024 06:25Current
9.2High risk
Vulners AI Score9.2
CVSS 26.4
CVSS 3.19.1 - 9.8
EPSS0.00488