Tollgrade Smart Grid EMS LightHouse Vulnerabilities

OVERVIEW Ashish Kamble of Qualys, Inc. has identified vulnerabilities in Tollgrade Communications, Inc.’s Smart Grid LightHouse Sensor Management System SMS Software EMS. Tollgrade has produced a new version to mitigate these vulnerabilities. Ashish Kamble has tested the new version to validate...

Tollgrade SmartGrid LightHouse Sensor Management System Software Arbitrary Password Change Vulnerability

Tollgrade SmartGrid LightHouse Sensor Management System SMS Software is a Web-based smart grid lighthouse sensor management system from Tollgrade, Inc. A security vulnerability exists in Tollgrade SmartGrid LightHouse SMS Software EMS versions prior to 5.1 and 4.1.0 Build 16. A remote attacker...

CVE-2016-0863

Cross-site request forgery CSRF vulnerability in Tollgrade SmartGrid LightHouse Sensor Management System SMS Software EMS before 5.1, and 4.1.0 Build 16, allows remote attackers to hijack the authentication of arbitrary users...

CVE-2016-0863

Cross-site request forgery CSRF vulnerability in Tollgrade SmartGrid LightHouse Sensor Management System SMS Software EMS before 5.1, and 4.1.0 Build 16, allows remote attackers to hijack the authentication of arbitrary users...

Information disclosure

Tollgrade SmartGrid LightHouse Sensor Management System SMS Software EMS before 5.1, and 4.1.0 Build 16, allows remote attackers to obtain sensitive report and username information via unspecified vectors...

CVE-2016-0866

The CVE-2016-0866 entry maps to a Cross-site Scripting (XSS) vulnerability in Tollgrade SmartGrid LightHouse Sensor Management System (SMS) Software EMS prior to 5.1 and 4.1.0 Build 16. Affected product: LightHouse EMS web server; vulnerability arises from improper input handling, enabling remote...