13 matches found
CVE-2022-26519
There is no limit to the number of attempts to authenticate for the local configuration pages for the Hills ComNav Version 3002-19 interface, which allows local attackers to brute-force credentials...
EUVD-2022-31077
Malicious code in bioql PyPI...
CVE-2022-1318
Hills ComNav version 3002-19 suffers from a weak communication channel. Traffic across the local network for the configuration pages can be viewed by a malicious actor. The size of certain communications packets are predictable. This would allow an attacker to learn the state of the system if the...
CVE-2022-26519
There is no limit to the number of attempts to authenticate for the local configuration pages for the Hills ComNav Version 3002-19 interface, which allows local attackers to brute-force credentials...
CVE-2022-1318
Hills ComNav version 3002-19 suffers from a weak communication channel. Traffic across the local network for the configuration pages can be viewed by a malicious actor. The size of certain communications packets are predictable. This would allow an attacker to learn the state of the system if the...
Hardcoded credentials
Hills ComNav version 3002-19 suffers from a weak communication channel. Traffic across the local network for the configuration pages can be viewed by a malicious actor. The size of certain communications packets are predictable. This would allow an attacker to learn the state of the system if the...
CVE-2022-26519 Interlogix Hills ComNav Improper Restriction of Excessive Authentication Attempts
There is no limit to the number of attempts to authenticate for the local configuration pages for the Hills ComNav Version 3002-19 interface, which allows local attackers to brute-force credentials...
CVE-2022-1318 Hills ComNav Inadequate Encryption Strength
Hills ComNav version 3002-19 suffers from a weak communication channel. Traffic across the local network for the configuration pages can be viewed by a malicious actor. The size of certain communications packets are predictable. This would allow an attacker to learn the state of the system if the...
CVE-2022-1318
CVE-2022-1318 affects Hills ComNav, v3002-19, with an inadequate encryption strength: local-network traffic on configuration pages is observable, and packet sizes are predictable, allowing an observer to learn system state even when traffic is encrypted. The underlying issue is described as a wea...
PT-2022-13792 · Hills · Hills Comnav
Name of the Vulnerable Software and Affected Versions: Hills ComNav version 3002-19 Description: The issue concerns a weak communication channel in the configuration pages of the system. Traffic across the local network can be viewed by a malicious actor, and the size of certain communications...
Interlogix Hills ComNav 安全漏洞
Interlogix Hills ComNav is a remote access integration module for the Hills Reliance Security Alert System from Interlogix Australia. A security vulnerability exists in Interlogix Hills ComNav that allows a local attacker to brute-force break credentials...
Interlogix Hills ComNav 加密问题漏洞
Interlogix Hills ComNav is a remote access integration module for the Hills Reliance Security Alert System from Interlogix Australia. An encryption issue vulnerability exists in Interlogix Hills ComNav, which allows an attacker to view configuration page traffic across a local network...
Interlogix Hills ComNav
1. EXECUTIVE SUMMARY CVSS v3 6.2 ATTENTION: Low attack complexity Vendor: Interlogix is a part of Carrier Global Corporation Equipment: Hills ComNav Vulnerabilities: Improper Restriction of Excessive Authentication Attempts, Inadequate Encryption Strength 2. RISK EVALUATION Successful...