ABB Cylon FLXeon 9.3.4 login.js Node Timing Attack Exploit

ABB Cylon FLXeon version 9.3.4 has a timing attack vulnerability in the authentication process due to an improper comparison of password hashes in login.js and uukl.js. !/usr/bin/env python3 ABB Cylon FLXeon 9.3.4 login.js Node Timing Attack Vendor: ABB Ltd. Product web page: https://www.global.a...

ABB Cylon FLXeon 9.3.4 login.js Unauthenticated Root Remote Code Execution Exploit

ABB Cylon FLXeon version 9.3.4 suffers from an unauthenticated remote code execution vulnerability with root privileges. Input passed through the login.js script for the password JSON parameter allows out-of-band command injection. !/usr/bin/env python3 ABB Cylon FLXeon 9.3.4 login.js...