CVE-2019-25348

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2019-25348

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

编号撤回

Computrols CBAS-Web is a building automation management platform developed by the American company Computrols. This CVE number has been withdrawn...

Computrols CBAS-Web 19.0.0 Command Injection

!/usr/bin/env python ''' Computrols CBAS-Web Unauthenticated Remote Command Injection Exploit Affected versions: 19.0.0 and below by Sipke Mellema, 2019 Advisory: https://applied-risk.com/resources/ar-2019-009 Paper: https://applied-risk.com/resources/i-own-your-building-management-system Uses tw...

CBAS-Web 19.0.0 - Remote Code Execution Exploit

Exploit for hardware platform in category web applications Exploit Title: CBAS-Web 19.0.0 - Remote Code Execution Exploit Author: LiquidWorm Vendor Homepage: https://www.computrols.com/capabilities-cbas-web/ Software Link: https://www.computrols.com/building-automation-software/ Version: 19.0.0...

Computrols CBAS-Web 19.0.0 - (username) Reflected Cross-Site Scripting Vulnerability

Exploit for hardware platform in category web applications Exploit Title: Computrols CBAS-Web 19.0.0 - 'username' Reflected Cross-Site Scripting Exploit Author: LiquidWorm Vendor Homepage: https://www.computrols.com/capabilities-cbas-web/ Software Link:...

Computrols CBAS-Web 19.0.0 Blind SQL Injection

Computrols CBAS-Web Authenticated Boolean-based Blind SQL Injection Affected versions: 19.0.0 and below CVE: CVE-2019-10852 Advisory: https://applied-risk.com/resources/ar-2019-009 Paper: https://applied-risk.com/resources/i-own-your-building-management-system by Gjoko 'LiquidWorm' Krstic PoC id...

Computrols CBAS-Web 19.0.0 Cross Site Request Forgery

Computrols CBAS-Web 19.0.0 CSRF Add Super Admin CVE: CVE-2019-10847 Advisory: https://applied-risk.com/resources/ar-2019-009 Paper: https://applied-risk.com/resources/i-own-your-building-management-system Discovered by Gjoko 'LiquidWorm' Krstic history.pushState'', 't00t', 'index.php'...

Computrols CBAS-Web 19.0.0 Cross Site Scripting

Computrols CBAS-Web Unauthenticated Reflected XSS Affected versions: 19.0.0 and below CVE: CVE-2019-10846 Advisory: https://applied-risk.com/resources/ar-2019-009 Paper: https://applied-risk.com/resources/i-own-your-building-management-system Discovered by Gjoko 'LiquidWorm' Krstic -- POST...

Computrols CBAS-Web 19.0.0 - username Reflected Cross-Site Scripting

Computrols CBAS-Web 19.0.0 - username Reflected Cross-Site Scripting Exploit Title: Computrols CBAS-Web 19.0.0 - 'username' Reflected Cross-Site Scripting Google Dork: NA Date: 2018-09-06 Exploit Author: LiquidWorm Vendor Homepage: https://www.computrols.com/capabilities-cbas-web/ Software Link:...

Computrols CBAS-Web 19.0.0 Information Disclosure

Computrols CBAS-Web Information Disclosure Affected versions: 19.0.0 and below CVE: CVE-2019-10849 Advisory: https://applied-risk.com/resources/ar-2019-009 Paper: https://applied-risk.com/resources/i-own-your-building-management-system by Gjoko 'LiquidWorm' Krstic $ curl -s...

Computrols CBAS Web Authentication Bypass Vulnerability

CBAS Web is a Web-based building management system BMS from Computrols. An authentication bypass vulnerability exists in Computrols CBAS Web. An unauthenticated attacker could use this vulnerability to bypass authentication and gain full control of the device...