Lucene search
K

5 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-54086

Malicious code in bioql PyPI...

6.8CVSS6.7AI score0.01162EPSS
Exploits0References3
OSV
OSV
added 2023/08/22 7:16 p.m.7 views

CVE-2023-4212

​A command injection vulnerability exists in Trane XL824, XL850, XL1050, and Pivot thermostats allowing an attacker to execute arbitrary commands as root using a specially crafted filename. The vulnerability requires physical access to the device via a USB stick...

6.8CVSS6.1AI score0.01162EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2023/08/22 5:34 p.m.9 views

CVE-2023-4212 Trane Thermostats Injection

​A command injection vulnerability exists in Trane XL824, XL850, XL1050, and Pivot thermostats allowing an attacker to execute arbitrary commands as root using a specially crafted filename. The vulnerability requires physical access to the device via a USB stick...

6.8CVSS7AI score0.01162EPSS
Exploits0References3
ICS
ICS
added 2023/08/22 6:0 a.m.32 views

Trane Thermostats

1. EXECUTIVE SUMMARY ​CVSS v3 6.8 ​ATTENTION: Low attack complexity ​Vendor: Trane ​Equipment: XL824, XL850, XL1050, and Pivot thermostats ​Vulnerability: Injection 2. RISK EVALUATION ​Successful exploitation of this vulnerability could allow an attacker to execute arbitrary commands as root...

6.8CVSS6.9AI score0.01162EPSS
Exploits0References8
CNNVD
CNNVD
added 2023/08/22 12:0 a.m.5 views

多款Trane产品命令注入漏洞

The Trane XL824 and others are a smart thermostat from Trane Ireland Trane. The Trane XL824, XL850, and XL1050 are vulnerable to a command injection vulnerability that stems from the presence of a command injection vulnerability that allows an attacker to execute arbitrary commands as root using...

6.8CVSS7.1AI score0.01162EPSS
Exploits0References5
Rows per page
Query Builder