An issue was discovered on KONE Group Controller (KGC) devices before 4.6.5. Unauthenticated Remote Code Execution is possible through the open HTTP interface by modifying autoexec.bat, aka KONE-01.
CPE | Name | Operator | Version |
---|---|---|---|
group_controller_firmware | lt | 4.6.5 |