EUVD-2021-34715

Longjing Technology BEMS API versions up to and including 1.21 contains an unauthenticated arbitrary file download vulnerability in the 'downloads' endpoint. The 'fileName' parameter is not properly sanitized, allowing attackers to craft traversal sequences and access sensitive files outside the...

CVE-2021-4463

Longjing Technology BEMS API versions up to and including 1.21 contains an unauthenticated arbitrary file download vulnerability in the 'downloads' endpoint. The 'fileName' parameter is not properly sanitized, allowing attackers to craft traversal sequences and access sensitive files outside the...

CVE-2021-4463 Longjing Technology BEMS API <= 1.21 Remote Arbitrary File Download

Longjing Technology BEMS API versions up to and including 1.21 contains an unauthenticated arbitrary file download vulnerability in the 'downloads' endpoint. The 'fileName' parameter is not properly sanitized, allowing attackers to craft traversal sequences and access sensitive files outside the...

PT-2025-46728

Name of the Vulnerable Software and Affected Versions Longjing Technology BEMS API versions up to and including 1.21 Description The software contains an unauthenticated arbitrary file download issue in the 'downloads' endpoint. The fileName parameter lacks proper sanitization, enabling attackers...

EUVD-2021-23863

Malware in sbrugna...

EUVD-2021-23865

Malware in sbrugna...

EUVD-2021-23864

Malware in sbrugna...

编号撤回

ABB ASPECT is a scalable building energy management and control solution from ABB Switzerland. This CVE number has been withdrawn...

ABB ASPECT 访问控制错误漏洞

ABB ASPECT is a scalable building energy management and control solution from ABB Switzerland. An access control error vulnerability exists in ABB Aspect that stems from a lack of authentication for critical functions...

ABB ASPECT 访问控制错误漏洞

ABB ASPECT is a scalable building energy management and control solution from ABB Switzerland. An access control error vulnerability exists in ABB Aspect that stems from a lack of authentication for critical functions...

ABB多款产品 安全漏洞

ABB ASPECT-Enterprise is a scalable building energy management and control solution.ABB NEXUS Series is a monitoring and control management system.ABB MATRIX Series is an embedded IoT ASPECT control engine designed to provide flexible field control for medium to large field control applications. ...

CVE-2021-37292

An Access Control vulnerability exists in KevinLAB Inc Building Energy Management System 4ST BEMS 1.0.0 due to an undocumented backdoor account. A malicious user can log in using the backdor account with admin highest privileges and obtain system control...

CVE-2021-37293

A Directory Traversal vulnerability exists in KevinLAB Inc Building Energy Management System 4ST BEMS 1.0.0 via the page GET parameter in index.php...

CVE-2021-37291

An SQL Injection vulnerability exists in KevinLAB Inc Building Energy Management System 4ST BEMS 1.0.0 ivia the inputid POST parameter in index.php...

ABB多款产品 安全漏洞

ABB ASPECT and others are products of ABB Switzerland.ABB ASPECT is a scalable building energy management and control solution.ABB MATRIX is an embedded building automation network controller.ABB NEXUS is a wireless and wired solution. A security vulnerability exists in several ABB products that...

ABB多款产品 安全漏洞

ABB ASPECT-Enterprise is a scalable building energy management and control solution.ABB NEXUS Series is a monitoring and control management system.ABB MATRIX Series is an embedded IoT ASPECT control engine designed to provide flexible field control for medium to large field control applications. ...

ABB Cylon Aspect 3.08.02 (MIX) Session Validation Bypass

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description ABB Cylon Aspect suffers from a broken session management issue. The...

ABB多款产品 安全漏洞

ABB ASPECT-Enterprise is a scalable building energy management and control solution.ABB NEXUS Series is a monitoring and control management system.ABB MATRIX Series is an embedded IoT ASPECT control engine designed to provide flexible field control for medium to large field control applications. ...

ABB多款产品 信任管理问题漏洞

ABB ASPECT and others are products of ABB Switzerland.ABB ASPECT is a scalable building energy management and control solution.ABB MATRIX is an embedded building automation network controller.ABB NEXUS is a wireless and wired solution. A number of ABB products are vulnerable to a trust management...

Unspecified Vulnerability in ABB ASPECT (CNVD-2024-49518)

ABB ASPECT is a scalable building energy management and control solution from ABB Switzerland. ABB ASPECT suffers from a security vulnerability that originates from the inclusion of a Use Default Credentials vulnerability in ASPECT on Linux. An attacker could exploit this vulnerability to gain...