Lucene search
K

3 matches found

Zero Science Lab
Zero Science Lab
added 2024/10/18 12:0 a.m.312 views

ABB Cylon Aspect 3.08.01 (databaseFileDelete.php) Remote Code Execution

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The ABB BMS/BAS controller suffers from an unauthenticated OS command...

6.1AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2024/10/09 12:0 a.m.5 views

The vulnerability in the databasefiledelete.php script of the ASPECT Enterprise, NEXUS Series, MATRIX Series embedded network controller software web server allows a perpetrator to gain unauthorized access to the device and delete arbitrary files.

The vulnerability of the databasefiledelete.php web script of the ASPECT Enterprise, NEXUS Series, MATRIX Series embedded network controller software lies in the use of files and directories accessible from external parties. Exploiting this vulnerability could allow an attacker to gain unauthoriz...

9.6CVSS5.5AI score0.17159EPSS
Exploits3References4Affected Software19
Zero Science Lab
Zero Science Lab
added 2024/09/23 12:0 a.m.361 views

ABB Cylon Aspect 3.08.01 (databaseFileDelete.php) Arbitrary File Delete

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The BMS/BAS controller suffers from an arbitrary file deletion...

10CVSS5.9AI score0.17159EPSS
Exploits3
Rows per page
Query Builder