451 matches found
CVE-2026-24060
Service information is not encrypted when transmitted as BACnet packets over the wire, and can be sniffed, intercepted, and modified by an attacker. Valuable information such as the File Start Position and File Data can be sniffed from network traffic using Wireshark's BACnet dissector filter. Th...
Automated Logic WebCtrl 安全漏洞
Automated Logic WebCtrl is a web-based building automation system server developed by Automated Logic Corporation in the United States. Automated Logic WebCtrl has a security vulnerability, which stems from the unencrypted transmission of BACnet data packets. This vulnerability could allow...
CVE-2026-24060 Automated Logic WebCTRL Premium Server Cleartext Transmission of Sensitive Information
Service information is not encrypted when transmitted as BACnet packets over the wire, and can be sniffed, intercepted, and modified by an attacker. Valuable information such as the File Start Position and File Data can be sniffed from network traffic using Wireshark's BACnet dissector filter. Th...
CVE-2026-24060
Service information is not encrypted when transmitted as BACnet packets over the wire, and can be sniffed, intercepted, and modified by an attacker. Valuable information such as the File Start Position and File Data can be sniffed from network traffic using Wireshark's BACnet dissector filter. Th...
CVE-2026-24060
This CVE (CVE-2026-24060) concerns Automated Logic WebCTRL Premium Server where BACnet traffic is sent in cleartext, allowing on-wire sniffing/interception and potential modification. The issue exposes sensitive data such as File Start Position and File Data; Wireshark BACnet dissector can reveal...
CVE-2026-32666
CVE-2026-32666 affects WebCTRL systems using BACnet. The vulnerability arises from BACnet’s lack of network-layer authentication and WebCTRL’s absence of additional validation of BACnet traffic, permitting an attacker with network access to spoof BACnet packets directed at the WebCTRL server or A...
CVE-2025-41765
Due to insufficient authorization enforcement, an unauthorized remote attacker can exploit the wwwupload.cgi endpoint to upload and apply arbitrary data. This includes, but is not limited to, contact images, HTTPS certificates, system backups for restoration, server peer configurations, and...
CVE-2025-41765
Due to insufficient authorization enforcement, an unauthorized remote attacker can exploit the wwwupload.cgi endpoint to upload and apply arbitrary data. This includes, but is not limited to, contact images, HTTPS certificates, system backups for restoration, server peer configurations, and...
CVE-2025-41765
Due to insufficient authorization enforcement, an unauthorized remote attacker can exploit the wwwupload.cgi endpoint to upload and apply arbitrary data. This includes, but is not limited to, contact images, HTTPS certificates, system backups for restoration, server peer configurations, and...
CVE-2025-41765 Unchecked role in wwwupload.cgi
Due to insufficient authorization enforcement, an unauthorized remote attacker can exploit the wwwupload.cgi endpoint to upload and apply arbitrary data. This includes, but is not limited to, contact images, HTTPS certificates, system backups for restoration, server peer configurations, and...
PT-2026-24035
Name of the Vulnerable Software and Affected Versions Versions prior to 2025-41765 Description Insufficient authorization enforcement allows a remote attacker to upload and apply arbitrary data through the wwwupload.cgi endpoint. This includes contact images, HTTPS certificates, system backups,...
CVE-2026-26264
BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.5.0rc4 and 1.4.3rc2, a malformed WriteProperty request can trigger a length underflow in the BACnet stack, leading to an out‑of‑bounds read and a crash DoS. The issue is in wp.c within...
CVE-2026-21870
BACnet Protocol Stack library provides a BACnet application layer, network layer and media access MAC layer communications services. In 1.4.2, 1.5.0.rc2, and earlier, an off-by-one stack-based buffer overflow in the ubasic interpreter causes a crash SIGABRT when processing string literals longer...
CVE-2026-26264
BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.5.0rc4 and 1.4.3rc2, a malformed WriteProperty request can trigger a length underflow in the BACnet stack, leading to an out‑of‑bounds read and a crash DoS. The issue is in wp.c within...
CVE-2026-21878
BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.5.0.rc3, a vulnerability has been discovered in BACnet Stack's file writing functionality where there is no validation of user-provided file paths, allowing attackers to write files to arbitrary...
Out-of-bounds Read
Overview bacnet-stack is a None Affected versions of this package are vulnerable to Out-of-bounds Read. via the wpdecodeservicerequest function. An attacker can cause an out-of-bounds read and crash the application by sending a malformed WriteProperty request with a truncated APDU, which triggers...
Off-by-one Error
Overview bacnet-stack is a None Affected versions of this package are vulnerable to Off-by-one Error. via the tokenizerstring function. An attacker can cause a crash by providing a string literal longer than the buffer limit, which leads to a stack overflow when the function incorrectly writes a...
CVE-2026-21870
BACnet Protocol Stack library provides a BACnet application layer, network layer and media access MAC layer communications services. In 1.4.2, 1.5.0.rc2, and earlier, an off-by-one stack-based buffer overflow in the ubasic interpreter causes a crash SIGABRT when processing string literals longer...
CVE-2026-26264
BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.5.0rc4 and 1.4.3rc2, a malformed WriteProperty request can trigger a length underflow in the BACnet stack, leading to an out‑of‑bounds read and a crash DoS. The issue is in wp.c within...
CVE-2026-26264 BACnet Stack WriteProperty decoding length underflow leads to OOB read and crash
BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.5.0rc4 and 1.4.3rc2, a malformed WriteProperty request can trigger a length underflow in the BACnet stack, leading to an out‑of‑bounds read and a crash DoS. The issue is in wp.c within...