173 matches found

Prion
added 2021/09/30 11:15 a.m., 11 views

Cross-site request forgery (CSRF)

ECOA BAS controller has a Cross-Site Request Forgery vulnerability, thus an authenticated attacker can remotely place a forged request on a malicious web page and execute CRUD commands (GET, POST, PUT, DELETE) to perform arbitrary operations in the system...

CVSS 6.8 | AI score 8.8 | EPSS 0.00415
Exploits: 1 | References: 1

Prion
added 2021/09/30 11:15 a.m., 22 views

Hardcoded credentials

ECOA BAS controller is vulnerable to hard-coded credentials within its Linux distribution image, thus remote attackers can obtain administrator’s privilege without logging in...

CVSS 10 | AI score 9.4 | EPSS 0.01989
Exploits: 1 | References: 1

Prion
added 2021/09/30 11:15 a.m., 13 views

Privilege escalation

ECOA BAS controller’s special page displays user accounts and passwords in plain text, thus unauthenticated attackers can access the page and obtain privilege with full functionality...

CVSS 5 | AI score 9.5 | EPSS 0.00949
Exploits: 1 | References: 1

Prion
added 2021/09/30 11:15 a.m., 21 views

Path traversal

ECOA BAS controller suffers from a path traversal content disclosure vulnerability. Using the GET parameter in File Manager, unauthenticated attackers can remotely disclose directory content on the affected device...

CVSS 5 | AI score 7.5 | EPSS 0.79441
Exploits: 1 | References: 1

Prion
added 2021/09/30 11:15 a.m., 20 views

Path traversal

ECOA BAS controller suffers from a path traversal vulnerability, causing arbitrary file disclosure. Using the specific POST parameter, unauthenticated attackers can remotely disclose arbitrary files on the affected device and disclose sensitive and system information...

CVSS 5 | AI score 7.5 | EPSS 0.20084
Exploits: 1 | References: 1

Prion
added 2021/09/30 11:15 a.m., 16 views

Default credentials

ECOA BAS controller stores sensitive data backup exports in clear text, thus an unauthenticated attacker can remotely query user passwords and obtain the user’s privilege...

CVSS 5 | AI score 7.2 | EPSS 0.00415
Exploits: 1 | References: 1

Cvelist
added 2021/09/30 10:41 a.m., 16 views

CVE-2021-41302 ECOA BAS controller - Missing Encryption of Sensitive Data

ECOA BAS controller stores sensitive data backup exports in clear text, thus an unauthenticated attacker can remotely query user passwords and obtain the user’s privilege...

CVSS 7.3 | AI score 7.5 | EPSS 0.00415
Exploits: 1 | References: 1

CVE
added 2021/09/30 10:41 a.m., 53 views

CVE-2021-41302

CVE-2021-41302 affects ECOA BAS controller family (ECS Router Controller - ECS (FLASH); RiskBuster Terminator - E6L45; RiskBuster System RB 3.0.0; TRANE 1.0; Graphic Control Software; SmartHome II - E9246; RiskTerminator). The issue is that backup exports and other sensitive data are stored in cl...

CVSS 7.3 | AI score 7.3 | EPSS 0.00415
Exploits: 1 | References: 1 | Affected Software: 1

Cvelist
added 2021/09/30 10:41 a.m., 23 views

CVE-2021-41301 ECOA BAS controller - Exposure of Sensitive Information to an Unauthorized Actor

ECOA BAS controller is vulnerable to configuration disclosure when a direct object reference is made to the specific files using an HTTP GET request. This enables an unauthenticated attacker to remotely disclose sensitive information and helps her in authentication bypass, privilege escalation...

CVSS 9.8 | AI score 9.8 | EPSS 0.01926
Exploits: 1 | References: 1

CVE
added 2021/09/30 10:41 a.m., 64 views

CVE-2021-41301

The CVE-2021-41301 issue affects ECOA BAS controller family (ECS Router Controller - ECS (FLASH); RiskBuster Terminator E6L45; RiskBuster System RB 3.0.0 / TRANE 1.0; and related ECOA software). Root cause: information disclosure via direct object reference to syspara.dat or images.dat when acces...

CVSS 10 | AI score 9.7 | EPSS 0.01926
Exploits: 1 | References: 1 | Affected Software: 1

CVE
added 2021/09/30 10:41 a.m., 69 views

CVE-2021-41300

CVE-2021-41300 concerns an information disclosure vulnerability in ECOA BAS controller. Multiple sources describe that the affected ECOA devices expose user credentials on a special web page, allowing unauthenticated remote access with full functionality. The Zero Science Lab report expands this ...

CVSS 9.8 | AI score 9.6 | EPSS 0.00949
Exploits: 1 | References: 1 | Affected Software: 1

CVE
added 2021/09/30 10:41 a.m., 73 views

CVE-2021-41299

CVE-2021-41299 affects ECOA BAS controller family (ECS Router Controller – ECS (FLASH), RiskBuster Terminator E6L45, RB 3.0.0, TRANE 1.0, Graphic Control Software, SmartHome II E9246, RiskTerminator). Root cause: hard-coded credentials embedded in the Linux distribution image, enabling remote att...

CVSS 10 | AI score 9.6 | EPSS 0.01989
Exploits: 1 | References: 1 | Affected Software: 1

Cvelist
added 2021/09/30 10:41 a.m., 24 views

CVE-2021-41299 ECOA BAS controller - Use of Hard-coded Credentials

ECOA BAS controller is vulnerable to hard-coded credentials within its Linux distribution image, thus remote attackers can obtain administrator’s privilege without logging in...

CVSS 9.8 | AI score 9.7 | EPSS 0.01989
Exploits: 1 | References: 1

Cvelist
added 2021/09/30 10:41 a.m., 16 views

CVE-2021-41298 ECOA BAS controller - Improper Access Control

ECOA BAS controller is vulnerable to insecure direct object references, which occur when the application provides direct access to objects based on user-supplied input. As a result of this vulnerability, attackers with general user privileges can remotely bypass authorization and access the hidden...

CVSS 8.8 | AI score 8.9 | EPSS 0.00842
Exploits: 1 | References: 1

CVE
added 2021/09/30 10:41 a.m., 54 views

CVE-2021-41298

CVE-2021-41298 – ECOA BAS controller is vulnerable to insecure direct object references (IDOR). The issue allows remote attackers with general user privileges to bypass authorization and access hidden resources or execute privileged functions. Affected products include ECOA ECS Router Controller ...

CVSS 8.8 | AI score 8.8 | EPSS 0.00842
Exploits: 1 | References: 1 | Affected Software: 1

Cvelist
added 2021/09/30 10:41 a.m., 20 views

CVE-2021-41297 ECOA BAS controller - Insufficiently Protected Credentials-1

ECOA BAS controller is vulnerable to a weak access control mechanism allowing an authenticated user to remotely escalate privileges by disclosing credentials of administrative accounts in plain text...

CVSS 8.8 | AI score 9 | EPSS 0.00718
Exploits: 1 | References: 1

CVE
added 2021/09/30 10:41 a.m., 60 views

CVE-2021-41297

CVE-2021-41297 affects ECOA BAS controller family (building automation controllers) and is due to a weak access-control mechanism that can allow an authenticated user to obtain administrative credentials in clear text, enabling remote privilege escalation. The vulnerability is documented across m...

CVSS 8.8 | AI score 8.8 | EPSS 0.00718
Exploits: 1 | References: 1 | Affected Software: 1

Cvelist
added 2021/09/30 10:40 a.m., 18 views

CVE-2021-41296 ECOA BAS controller - Weak Password Requirements

ECOA BAS controller uses a weak set of default administrative credentials that can be easily guessed in remote password attacks, giving full control of the system...

CVSS 9.8 | AI score 10 | EPSS 0.00919
Exploits: 1 | References: 1

CVE
added 2021/09/30 10:40 a.m., 55 views

CVE-2021-41296

CVE-2021-41296 affects ECOA BAS controller family (ECS Router Controller ECS (FLASH), RiskBuster Terminator E6L45, RiskBuster System RB 3.0.0/TRANE 1.0, Ecoa Graphic Control Software, Ecoa SmartHome II, etc.). Root cause: weak/default administrative credentials that can be guessed, allowing remot...

CVSS 9.8 | AI score 9.8 | EPSS 0.00919
Exploits: 1 | References: 1 | Affected Software: 1

Cvelist
added 2021/09/30 10:40 a.m., 16 views

CVE-2021-41295 ECOA BAS controller - Cross-Site Request Forgery (CSRF)

ECOA BAS controller has a Cross-Site Request Forgery vulnerability, thus an authenticated attacker can remotely place a forged request on a malicious web page and execute CRUD commands (GET, POST, PUT, DELETE) to perform arbitrary operations in the system...

CVSS 8.8 | AI score 9 | EPSS 0.00415
Exploits: 1 | References: 1