3 matches found
Lutron Quantum BACnet Integration Sensitive Information Disclosure Vulnerability
Lutron Quantum BACnet Integration is a lighting control system from Lutron Electronics, USA. A security vulnerability exists in Lutron Quantum BACnet Integration version 2.0 using firmware version 3.2.243. A remote attacker can exploit the vulnerability by sending a /DbXmlInfo.xml request to obta...
Cross site request forgery (csrf)
An issue was discovered on Lutron Quantum BACnet Integration 2.0 firmware 3.2.243 devices. Remote attackers can obtain potentially sensitive information via a /DbXmlInfo.xml request, as demonstrated by the Latitude/Longitude of the device...
CVE-2018-7276
An issue was discovered on Lutron Quantum BACnet Integration 2.0 firmware 3.2.243 devices. Remote attackers can obtain potentially sensitive information via a /DbXmlInfo.xml request, as demonstrated by the Latitude/Longitude of the device...