Lucene search
K

29 matches found

CVE
CVE
added 2018/09/07 10:0 p.m.47 views

CVE-2018-15484

The CVE-2018-15484 entry affects KONE Group Controller (KGC) devices prior to 4.6.5. The issue allows unauthenticated remote code execution via the open HTTP interface by modifying autoexec.bat (aka KONE-01). Impact is high: attacker can achieve remote code execution with network access and no pr...

10CVSS9.6AI score0.07659EPSS
Exploits2References2Affected Software1
CVE
CVE
added 2018/09/07 10:0 p.m.46 views

CVE-2018-15486

The CVE-2018-15486 entry concerns KONE Group Controller (KGC) devices prior to version 4.6.5. The vulnerability enables Una uthenticated Local File Inclusion and file modification via the open HTTP interface by altering the name parameter of the file endpoint (aka KONE-02). This could impact conf...

9.1CVSS9.2AI score0.02058EPSS
Exploits3References2Affected Software1
Cvelist
Cvelist
added 2018/09/07 10:0 p.m.27 views

CVE-2018-15484

An issue was discovered on KONE Group Controller KGC devices before 4.6.5. Unauthenticated Remote Code Execution is possible through the open HTTP interface by modifying autoexec.bat, aka KONE-01...

9.8AI score0.07659EPSS
Exploits2References2
CVE
CVE
added 2018/09/07 10:0 p.m.48 views

CVE-2018-15485

CVE-2018-15485 – KONE Group Controller (KGC) affects KGC devices before 4.6.5. The issue is that the FTP service does not require authentication or authorization, allowing unauthenticated access. According to NVD, this yields a high-impact potential for confidentiality and integrity (CVSS3: Criti...

9.1CVSS9.3AI score0.02505EPSS
Exploits2References2Affected Software1
Cvelist
Cvelist
added 2018/09/07 10:0 p.m.25 views

CVE-2018-15486

An issue was discovered on KONE Group Controller KGC devices before 4.6.5. Unauthenticated Local File Inclusion and File modification is possible through the open HTTP interface by modifying the name parameter of the file endpoint, aka KONE-02...

9.3AI score0.02058EPSS
Exploits3References2
CVE
CVE
added 2018/09/07 10:0 p.m.51 views

CVE-2018-15483

CVE-2018-15483 affects KONE Group Controller (KGC) devices prior to 4.6.5. The issue enables Denial of Service via the open HTTP interface (KONE-04). Descriptions in connected sources confirm affected product/class and the vulnerability class, but there is no explicit remediation or in‑the‑wild e...

7.8CVSS7.5AI score0.01868EPSS
Exploits2References2Affected Software1
Cvelist
Cvelist
added 2018/09/07 10:0 p.m.26 views

CVE-2018-15483

An issue was discovered on KONE Group Controller KGC devices before 4.6.5. Denial of Service can occur through the open HTTP interface, aka KONE-04...

7.6AI score0.01868EPSS
Exploits2References2
0day.today
0day.today
added 2018/09/06 12:0 a.m.76 views

KONE KGC 4.6.4 - Multiple Vulnerabilities

KONE KGC versions 4.6.4 and below suffer from unauthenticated remote code execution, denial of service, local file inclusion, and missing FTP access control vulnerabilities. Vulnerabilities in KONEs Group Controller KGC -------------------------------------------------------------------------...

0.7AI score0.07659EPSS
Exploits3
Packet Storm
Packet Storm
added 2018/09/06 12:0 a.m.178 views

KONE KGC 4.6.4 DoS / Code Execution / LFI / Bypass

Vulnerabilities in KONEs Group Controller KGC ------------------------------------------------------------------------- Introduction ============ Vulnerabilities were identified in the KONE Group Controller KGC. These were discovered during a black box assessment and therefore the vulnerability...

8.5AI score0.07659EPSS
Exploits3
Rows per page
Query Builder