Lucene search
K

Optergy Proton/Enterprise Building Management System - Open Redirect

🗓️ 03 Jul 2026 03:01:05Reported by ProjectDiscoveryType 
nuclei
 nuclei
🔗 github.com👁 34 Views

Optergy Proton/Enterprise BMS Open Redirect vulnerability. Attacker can redirect user to malicious site, obtain sensitive info, and execute unauthorized operation

Related
Refs
Code
ReporterTitlePublishedViews
Family
CNVD
Optergy Proton/Enterprise Input Validation Error Vulnerability
11 Jun 201900:00
cnvd
CVE
CVE-2019-7275
1 Jul 201919:59
cve
Cvelist
CVE-2019-7275
1 Jul 201919:59
cvelist
ICS
Optergy Proton Enterprise Building Management System
6 Jun 201900:00
ics
NVD
CVE-2019-7275
1 Jul 201920:15
nvd
OSV
CVE-2019-7275
1 Jul 201920:15
osv
Packet Storm
Optergy Proton/Enterprise BMS 2.3.0a Open Redirect
12 Nov 201900:00
packetstorm
Prion
Open redirect
1 Jul 201920:15
prion
Positive Technologies
PT-2019-18505 · Optergy · Optergy Proton/Enterprise
1 Jul 201900:00
ptsecurity
RedhatCVE
CVE-2019-7275
7 Jan 202609:35
redhatcve
Rows per page
id: CVE-2019-7275

info:
  name: Optergy Proton/Enterprise Building Management System - Open Redirect
  author: 0x_Akoko
  severity: medium
  description: Optergy Proton/Enterprise Building Management System contains an open redirect vulnerability. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations.
  impact: |
    An attacker can exploit this vulnerability to redirect users to malicious websites, leading to phishing attacks or the download of malware.
  remediation: |
    Apply the latest security patches or updates provided by Optergy to fix the open redirect vulnerability.
  reference:
    - https://packetstormsecurity.com/files/155268/Optergy-Proton-Enterprise-BMS-2.3.0a-Open-Redirect.html
    - https://applied-risk.com/resources/ar-2019-008
    - https://cxsecurity.com/issue/WLB-2019110074
    - https://applied-risk.com/labs/advisories
    - https://nvd.nist.gov/vuln/detail/CVE-2019-7275
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
    cvss-score: 6.1
    cve-id: CVE-2019-7275
    cwe-id: CWE-601
    epss-score: 0.09087
    epss-percentile: 0.94671
    cpe: cpe:2.3:a:optergy:enterprise:*:*:*:*:*:*:*:*
  metadata:
    max-request: 1
    vendor: optergy
    product: enterprise
  tags: cve,cve2019,redirect,packetstorm,optergy,vuln

http:
  - method: GET
    path:
      - "{{BaseURL}}/updating.jsp?url=https://interact.sh/"

    matchers:
      - type: regex
        part: header
        regex:
          - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh.*$'
# digest: 490a0046304402205a179dc8cbbe14202d33743ff75df810d8149b878984cce5b3661ec41c89325202201c70835fa2bdc681f4ceda6d76fcca390f93df599310f50fa70b03de7e06d70b:922c64590222798bb761d5b6d8e72950

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

04 Feb 2026 07:00Current
6.8Medium risk
Vulners AI Score6.8
CVSS 25.8
CVSS 3.16.1
EPSS0.09087
34