Exploit for Incorrect Type Conversion or Cast in Kunbus Revpi_Status

CVE-2025-41646 - RevPi Webstatus request/response ⚠️ D...

Exploit for Incorrect Type Conversion or Cast in Kunbus Revpi_Status

CVE-2025-41646---Critical-Authentication-Bypass- CVE-2025-4164...

CVE-2025-41648

CVE-2025-41648 affects Pilz IndustrialPI Webstatus. An unauthenticated remote attacker can bypass the login to the IndustrialPI web application, allowing access to and modification of all available settings. The available connected docs consistently describe this as an authentication bypass leadi...

CVE-2025-41648 Pilz: Authentication Bypass in IndustrialPI Webstatus

An unauthenticated remote attacker can bypass the login to the web application of the affected devices making it possible to access and change all available settings of the IndustrialPI...

PT-2025-24278 · Kunbus · Revolution Pi Webstatus +1

Name of the Vulnerable Software and Affected Versions: RevPi Webstatus versions prior to v2.4.6 Description: An unauthorized remote attacker can bypass the authentication of the affected software package by misusing an incorrect type conversion, leading to full compromise of the device. The root...

BuildBot WebStatus Detection

The remote host is running BuildBot, a continuous integration tool written in Python. BuildBot comes with WebStatus, a web interface that provides the status of all builds being maintained by BuildBot. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc';...

BuildBot WebStatus waterfall 'branch' Parameter XSS

The version of BuildBot WebStatus running on the remote host has a cross-site scripting vulnerability. Input to the 'branch' parameter of the '/waterfall/help' page is not properly sanitized. A remote attacker could exploit this by tricking a user into requesting a malicious URL, which could resu...