Lucene search
K

3 matches found

Positive Technologies
Positive Technologies
added 2024/01/09 12:0 a.m.6 views

PT-2024-13785 · Bosch · Bcc102 +3

Name of the Vulnerable Software and Affected Versions: Bosch BCC100 smart thermostat affected versions not specified BCC101/BCC102/BCC50 products affected versions not specified Description: A vulnerability allows an unauthenticated attacker to replace the device’s firmware with a malicious one b...

8.3CVSS6.4AI score0.00441EPSS
Exploits0References10
BDU FSTEC
BDU FSTEC
added 2021/08/02 12:0 a.m.5 views

The vulnerability of the HBS 3 (Hybrid Backup Sync) application for backup and disaster recovery operations on QNAP’s operating systems, related to authentication procedures that allow unauthorized users to escalate their privileges.

The vulnerability of the HBS 3 Hybrid Backup Sync application for backup and disaster recovery functions on QNAP network storage operating systems is related to deficiencies in the server authentication process of RTSS. Exploiting this vulnerability could allow a malicious actor to gain increased...

10CVSS7.8AI score0.15802EPSS
Exploits0References8Affected Software2
Zero Day Initiative
Zero Day Initiative
added 2021/07/08 12:0 a.m.71 views

QNAP NAS Hybrid Backup Missing Authentication for Critical Function Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of QNAP NAS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the RTSS server, which listens on TCP port 8899 by default. The issue results from the lack of...

9.8CVSS2.7AI score0.15802EPSS
Exploits0References1
Rows per page
Query Builder