CVE-2021-41291 ECOA BAS controller - Path Traversal-1

🗓️ 30 Sep 2021 10:40:51Reported by twcertType

ECOA BAS controller Path Traversal vulnerabilit

Reporter	Title	Published	Views	Family All 9
Circl	CVE-2021-41291	30 Sep 202114:37	–	circl
CNNVD	Ecoa Bas controller 路径遍历漏洞	30 Sep 202100:00	–	cnnvd
CNVD	ECOA BAS controller path traversal vulnerability	18 Oct 202100:00	–	cnvd
CVE	CVE-2021-41291	30 Sep 202110:40	–	cve
Nuclei	ECOA Building Automation System - Directory Traversal Content Disclosure	1 Jun 202605:38	–	nuclei
NVD	CVE-2021-41291	30 Sep 202111:15	–	nvd
OpenVAS	Generic HTTP Directory Traversal / File Inclusion (Web Application URL Parameter) - Active Check	26 Sep 201700:00	–	openvas
Prion	Path traversal	30 Sep 202111:15	–	prion
Zero Science Lab	ECOA Building Automation System Directory Traversal Content Disclosure	8 Sep 202100:00	–	zeroscience

[
  {
    "product": "ECS Router Controller ECS (FLASH)",
    "vendor": "ECOA",
    "versions": [
      {
        "lessThan": "unspecified",
        "status": "unknown",
        "version": "next of 0",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "RiskBuster Terminator E6L45",
    "vendor": "ECOA",
    "versions": [
      {
        "lessThan": "unspecified",
        "status": "unknown",
        "version": "next of 0",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "RiskBuster System RB 3.0.0",
    "vendor": "ECOA",
    "versions": [
      {
        "lessThan": "unspecified",
        "status": "unknown",
        "version": "next of 0",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "RiskBuster System TRANE 1.0",
    "vendor": "ECOA",
    "versions": [
      {
        "lessThan": "unspecified",
        "status": "unknown",
        "version": "next of 0",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "Graphic Control Software",
    "vendor": "ECOA",
    "versions": [
      {
        "lessThan": "unspecified",
        "status": "unknown",
        "version": "next of 0",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "SmartHome II E9246",
    "vendor": "ECOA",
    "versions": [
      {
        "lessThan": "unspecified",
        "status": "unknown",
        "version": "next of 0",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "RiskTerminator",
    "vendor": "ECOA",
    "versions": [
      {
        "lessThan": "unspecified",
        "status": "unknown",
        "version": "next of 0",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
twcert	www.twcert.org.tw/tw/cp-132-5127-3cbd3-1.html

30 Sep 2021 10:40Current

7.7High risk

Vulners AI Score7.7

CVSS 3.17.5

EPSS0.9166

CWE-22