CVE-2019-6838

A CWE-863: Incorrect Authorization vulnerability exists in U.motion Server MEG6501-0001 - U.motion KNX server, MEG6501-0002 - U.motion KNX Server Plus, MEG6260-0410 - U.motion KNX Server Plus, Touch 10, MEG6260-0415 - U.motion KNX Server Plus, Touch 15, which could allow a user with low privilege...

CVE-2019-6835

A Cross-Site Scripting XSS CWE-79 vulnerability exists in U.motion Server MEG6501-0001 - U.motion KNX server, MEG6501-0002 - U.motion KNX Server Plus, MEG6260-0410 - U.motion KNX Server Plus, Touch 10, MEG6260-0415 - U.motion KNX Server Plus, Touch 15, which could allow an attacker to inject...

CVE-2019-6840

A Format String: CWE-134 vulnerability exists in U.motion Server MEG6501-0001 - U.motion KNX server, MEG6501-0002 - U.motion KNX Server Plus, MEG6260-0410 - U.motion KNX Server Plus, Touch 10, MEG6260-0415 - U.motion KNX Server Plus, Touch 15, which could allow an attacker to send a crafted messa...

PT-2019-18372 · Unknown · U.Motion Server

Name of the Vulnerable Software and Affected Versions: U.motion Server MEG6501-0001 - U.motion KNX server, MEG6501-0002 - U.motion KNX Server Plus, MEG6260-0410 - U.motion KNX Server Plus, Touch 10, MEG6260-0415 - U.motion KNX Server Plus, Touch 15 Description: A Server-Side Request Forgery SSRF...

PT-2019-18370 · U.Motion · U.Motion Server

Name of the Vulnerable Software and Affected Versions: U.motion Server affected versions not specified Description: A Cross-Site Scripting XSS issue exists, which could allow an attacker to inject client-side script when a user visits a web page. Recommendations: At the moment, there is no...

PT-2019-18375 · U.Motion · U.Motion Server

Name of the Vulnerable Software and Affected Versions: U.motion Server affected versions not specified Description: A Format String vulnerability exists in the U.motion Server, which could allow an attacker to send a crafted message to the target server, thereby causing arbitrary commands to be...