Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Prion
Prionadded 2017/01/06 9:59 p.m.7 views

Remote code execution

An exploitable remote code execution vulnerability exists in the Trane ComfortLink II firmware version 2.0.2 in DSS service. An attacker who can connect to the DSS service on the Trane ComfortLink II device can send an overly long REG request that can overflow a fixed size stack buffer, resulting...

10CVSS8.8AI score0.09063EPSS
Exploits1References2Affected Software1
NVD
NVDadded 2017/01/06 9:59 p.m.6 views

CVE-2015-2868

An exploitable remote code execution vulnerability exists in the Trane ComfortLink II firmware version 2.0.2 in DSS service. An attacker who can connect to the DSS service on the Trane ComfortLink II device can send an overly long REG request that can overflow a fixed size stack buffer, resulting...

10CVSS9.9AI score0.09063EPSS
Exploits1References2
Cvelist
Cvelistadded 2017/01/06 9:0 p.m.14 views

CVE-2015-2868

An exploitable remote code execution vulnerability exists in the Trane ComfortLink II firmware version 2.0.2 in DSS service. An attacker who can connect to the DSS service on the Trane ComfortLink II device can send an overly long REG request that can overflow a fixed size stack buffer, resulting...

10AI score0.09063EPSS
Exploits1References2
CVE
CVEadded 2017/01/06 9:0 p.m.52 views

CVE-2015-2868

CVE-2015-2868 affects Trane ComfortLink II (firmware 2.0.2) in the DSS service. The vulnerability is a remote code execution caused by processing an overly long REG request that overflows a fixed-size stack buffer. Investigations describe unsafe input handling (sscanf and strcpy) in the DSS reque...

10CVSS9.9AI score0.09063EPSS
Exploits1References2Affected Software1
Check Point Advisories
Check Point Advisoriesadded 2017/01/04 12:0 a.m.3 views

Trane comfort Link II DSS services handling remote code execution (CVE-2015-2868)

An exploitable remote code execution vulnerability exists in the Trane ComfortLink II DSS service. An attacker who can connect to the DSS service on the Trane ComfortLink II device can send an overly long request that can overflow a fixed size stack buffer, resulting in arbitrary code execution...

10CVSS9.8AI score0.09063EPSS
Exploits1
Talos
Talosadded 2016/02/08 12:0 a.m.29 views

Trane Comfortlink II DSS Service Request Handling Remote Code Execution Vulnerability

Talos Vulnerability Report TALOS-2016-0026 Trane Comfortlink II DSS Service Request Handling Remote Code Execution Vulnerability February 8, 2016 CVE Number CVE-2015-2868 Description An exploitable remote code execution vulnerability exists in the Trane ComfortLink II DSS service. An attacker who...

10CVSS10.1AI score0.09063EPSS
Exploits1
Talos
Talosadded 2016/02/08 12:0 a.m.27 views

Trane Comfortlink II DSS Service REG Handling Remote Code Execution Vulnerability

Talos Vulnerability Report TALOS-2016-0027 Trane Comfortlink II DSS Service REG Handling Remote Code Execution Vulnerability February 8, 2016 CVE Number CVE-2015-2868 DESCRIPTION An exploitable remote code execution vulnerability exists in the Trane ComfortLink II DSS service. An attacker who can...

10CVSS10.1AI score0.09063EPSS
Exploits1
Rows per page
Query Builder