Lucene search
K

6 matches found

OSV
OSV
โ€ขadded 2026/06/11 5:16 p.m.โ€ข4 views

DEBIAN-CVE-2026-44494

Axios is a promise based HTTP client for the browser and Node.js. From 1.0.0 to before 1.16.0, the Axios library is vulnerable to a Prototype Pollution "Gadget" attack that allows any Object.prototype pollution in the application's dependency tree to be escalated into a full Man-in-the-Middle MIT...

8.7CVSS5.2AI score0.01041EPSS
Exploits1References1
Packet Storm
Packet Storm
โ€ขadded 2025/05/19 12:0 a.m.โ€ข87 views

๐Ÿ“„ ABB Cylon FLXeon 9.3.5 bbmdList.js Authenticated Configuration Poisoning

The ABB Cylon FLXeon BACnet controller suffers from a configuration poisoning vulnerability in the put function of bbmdList.js, where the writeFile function is invoked to persist user-controlled data req.body.bipList and req.body.natList directly into sensitive configuration files /etc/bdt.txt an...

7.2AI score
Exploits0
Zero Science Lab
Zero Science Lab
โ€ขadded 2025/05/19 12:0 a.m.โ€ข237 views

ABB Cylon FLXeon 9.3.5 (bbmdList.js) Authenticated Config Poisoning

Summary BACnetยฎ Smart Building Controllers. ABB's BACnet portfolio features a series of BACnetยฎ IP and BACnet MS/TP field controllers for ASPECTยฎ and INTEGRAโ„ข building management solutions. ABB BACnet controllers are designed for intelligent control of HVAC equipment such as central plant, boiler...

5.9AI score
Exploits0
Exploit DB
Exploit DB
โ€ขadded 2025/04/15 12:0 a.m.โ€ข218 views

ABB Cylon Aspect 3.08.02 (webServerUpdate.php) - Input Validation Config Poisoning

ABB Cylon Aspect 3.08.02 webServerUpdate.php Input Validation Config Poisoning Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.08.02 Summary: ASPECT is an award-winning scalable building energ...

7.4AI score
Exploits0
0day.today
0day.today
โ€ขadded 2025/01/09 12:0 a.m.โ€ข465 views

ABB Cylon Aspect 3.08.02 webServerUpdate.php Configuration Poisoning Vulnerability

ABB Cylon Aspect version 3.08.02 suffers from improper input validation on the port POST parameter in the webServerUpdate.php script. This input is not validated on the server side and relies on bypassable client-side checks using the inString.js script to verify that the port parameter contains...

7.6AI score
Exploits0
Zero Science Lab
Zero Science Lab
โ€ขadded 2025/01/09 12:0 a.m.โ€ข478 views

ABB Cylon Aspect 3.08.02 (webServerUpdate.php) Input Validation Config Poisoning

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The ABB BMS/BAS controller suffers from improper input validation on...

5.9AI score
Exploits0
Rows per page
Query Builder