Lucene search
+L

5 matches found

euvd
euvd
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-54086

Malicious code in bioql PyPI...

6.8CVSS6.7AI score0.01162EPSS
Exploits0References3
osv
osv
added 2023/08/22 7:16 p.m.7 views

CVE-2023-4212

​A command injection vulnerability exists in Trane XL824, XL850, XL1050, and Pivot thermostats allowing an attacker to execute arbitrary commands as root using a specially crafted filename. The vulnerability requires physical access to the device via a USB stick...

6.8CVSS6.1AI score0.01162EPSS
Exploits0References4
vulnrichment
vulnrichment
added 2023/08/22 5:34 p.m.9 views

CVE-2023-4212 Trane Thermostats Injection

​A command injection vulnerability exists in Trane XL824, XL850, XL1050, and Pivot thermostats allowing an attacker to execute arbitrary commands as root using a specially crafted filename. The vulnerability requires physical access to the device via a USB stick...

6.8CVSS7AI score0.01162EPSS
Exploits0References3
ics
ics
added 2023/08/22 6:0 a.m.32 views

Trane Thermostats

1. EXECUTIVE SUMMARY ​CVSS v3 6.8 ​ATTENTION: Low attack complexity ​Vendor: Trane ​Equipment: XL824, XL850, XL1050, and Pivot thermostats ​Vulnerability: Injection 2. RISK EVALUATION ​Successful exploitation of this vulnerability could allow an attacker to execute arbitrary commands as root...

6.8CVSS6.9AI score0.01162EPSS
Exploits0References8
cnnvd
cnnvd
added 2023/08/22 12:0 a.m.5 views

多款Trane产品命令注入漏洞

The Trane XL824 and others are a smart thermostat from Trane Ireland Trane. The Trane XL824, XL850, and XL1050 are vulnerable to a command injection vulnerability that stems from the presence of a command injection vulnerability that allows an attacker to execute arbitrary commands as root using...

6.8CVSS7.1AI score0.01162EPSS
Exploits0References5
Rows per page
Query Builder