47 matches found
EUVD-2021-28331
Malicious code in bioql PyPI...
EUVD-2021-28332
Malicious code in bioql PyPI...
EUVD-2021-28326
Malicious code in bioql PyPI...
EUVD-2021-28320
Malicious code in bioql PyPI...
EUVD-2021-28330
Malicious code in bioql PyPI...
EUVD-2021-28329
Malicious code in bioql PyPI...
EUVD-2021-28322
Malicious code in bioql PyPI...
EUVD-2021-28327
Malicious code in bioql PyPI...
VulnCheck KEV: CVE-2021-41295
ECOA BAS controller has a Cross-Site Request Forgery vulnerability, thus authenticated attacker can remotely place a forged request at a malicious web page and execute CRUD commands GET, POST, PUT, DELETE to perform arbitrary operations in the system...
ECOA BAS controller weak password vulnerability
ECOA BAS controller is an intelligent lighting control solution. ECOA BAS controller has a weak password vulnerability that could be exploited by attackers to gain full control of the system...
ECOA BAS controller information disclosure vulnerability
ECOA BAS controller is a building automation controller. ECOA BAS controller handles HTTP GET requests and is vulnerable to information disclosure, which can be exploited by remote attackers to submit ad hoc requests that can obtain sensitive information...
ECOA BAS controller unauthorized access vulnerability
ECOA BAS controller is an intelligent lighting control solution. an unauthorized access vulnerability exists in ECOA BAS controller, which can be exploited by remote attackers to bypass authorization to access hidden resources in the system and perform privileged functions...
ECOA BAS controller cross-site request forgery vulnerability
ECOA BAS controller is an intelligent lighting control solution. ECOA BAS controller is vulnerable to cross-site request forgery, which can be exploited by attackers to send forged requests to malicious web pages and execute CRUD commands to perform arbitrary actions on the system...
ECOA BAS controller arbitrary file upload vulnerability
ECOA BAS controller is a BAS controller developed by Ecoa Technologies Corp in Taiwan, China. ECOA BAS controller is vulnerable to arbitrary file uploads, which can be exploited to send specially crafted URL requests to the /upload URI with the file name and rbt parameters containing The "dot"...
ECOA BAS controller information disclosure vulnerability (CNVD-2021-83644)
ECOA BAS controller is a smart lighting control solution. ECOA BAS controller is vulnerable to information disclosure, which can be exploited by remote attackers to submit special requests that can obtain sensitive information...
ECOA BAS controller directory traversal vulnerability (CNVD-2021-83638)
ECOA BAS controller is a smart lighting control solution. ECOA BAS controller is vulnerable to directory traversal, which can be exploited by attackers to compromise sensitive and system information...
ECOA BAS controller directory traversal vulnerability
ECOA BAS controller is a smart lighting control solution. A directory traversal vulnerability exists in the ECOA BAS controller GET parameter handling, which can be exploited by attackers to delete arbitrary files on the affected device and cause a denial of service scenario...
CVE-2021-41290
ECOA BAS controller suffers from an arbitrary file write and path traversal vulnerability. Using the POST parameters, unauthenticated attackers can remotely set arbitrary values for location and content type and gain the possibility to execute arbitrary code on the affected device...
CVE-2021-41293
ECOA BAS controller suffers from a path traversal vulnerability, causing arbitrary files disclosure. Using the specific POST parameter, unauthenticated attackers can remotely disclose arbitrary files on the affected device and disclose sensitive and system information...
CVE-2021-41299
ECOA BAS controller is vulnerable to hard-coded credentials within its Linux distribution image, thus remote attackers can obtain administrator’s privilege without logging in...