logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2021-41294

Description

ECOA BAS controller suffers from a path traversal vulnerability, causing arbitrary files deletion. Using the specific GET parameter, unauthenticated attackers can remotely delete arbitrary files on the affected device and cause denial of service scenario.


Affected Software


CPE Name Name Version
ecoa:ecs_router_controller-ecs_firmware ecoa ecs router controller-ecs firmware -
ecoa:riskbuster_firmware ecoa riskbuster firmware -
ecoa:riskterminator ecoa riskterminator -

Related