6 matches found
CVE-2026-24060 Automated Logic WebCTRL Premium Server Cleartext Transmission of Sensitive Information
Service information is not encrypted when transmitted as BACnet packets over the wire, and can be sniffed, intercepted, and modified by an attacker. Valuable information such as the File Start Position and File Data can be sniffed from network traffic using Wireshark's BACnet dissector filter. Th...
CVE-2026-32666
CVE-2026-32666 affects WebCTRL systems using BACnet. The vulnerability arises from BACnet’s lack of network-layer authentication and WebCTRL’s absence of additional validation of BACnet traffic, permitting an attacker with network access to spoof BACnet packets directed at the WebCTRL server or A...
CVE-2026-25086
CVE-2026-25086 affects Automated Logic WebCTRL Premium Server. Under certain conditions, an attacker could bind to the same port used by WebCTRL, enabling the crafting and sending of malicious packets and impersonation of the WebCTRL service without requiring code injection into WebCTRL. The prov...
Automated Logic WebCTRL Premium Server
RISK EVALUATION: Successful exploitation of these vulnerabilities could allow an attacker to read, intercept, or modify communications. 2. RECOMMENDED PRACTICES: CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as: Minimize network...
Automated Logic WebCTRL Premium Server Unrestricted Upload of File with Dangerous Type (CVE-2024-8525)
CWE-434 Unrestricted Upload of File with Dangerous Type vulnerability exists which could allow an unauthenticated user to upload files of dangerous types without restrictions, leading to remote command execution. This plugin only works with Tenable.ot. Please visit...
Automated Logic WebCTRL Premium Server Unrestricted Upload of File with Dangerous Type (CVE-2024-8525)
CWE-434 Unrestricted Upload of File with Dangerous Type vulnerability exists which could allow an unauthenticated user to upload files of dangerous types without restrictions, leading to remote command execution. This plugin only works with Tenable.ot. Please visit...