Lucene search
K
PacketstormRecent

50738 matches found

Packet Storm
Packet Storm
added 2024/12/03 12:0 a.m.355 views

Acronis Cyber Protect/Backup Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Acronis Cyber Protect/Backup remote code execution', 'Description' = %q Acronis Cyber Protect or Backup is an enterprise backup/recovery solution...

9.3CVSS7.1AI score0.05325EPSS
Exploits5
Packet Storm
Packet Storm
added 2024/12/03 12:0 a.m.394 views

Fortinet FortiManager Unauthenticated Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Fortinet FortiManager Unauthenticated RCE', 'Description' = %q This module exploits a missing authentication vulnerability affecting FortiManager...

9.8CVSS7.2AI score0.94761EPSS
Exploits7
Packet Storm
Packet Storm
added 2024/12/02 12:0 a.m.236 views

ABB Cylon Aspect 3.08.01 diagLateThread.php Information Disclosure

ABB Cylon Aspect 3.08.01 diagLateThread.php Information Disclosure Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.08.01 Summary: ASPECT is an award-winning scalable building energy management...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/12/02 12:0 a.m.264 views

Intelligent Security System SecurOS Enterprise 11 Unquoted Service Path

Exploit Title: Intelligent Security System SecurOS Enterprise v11 - Unquoted Service Path Date: 2024-11-25 Exploit Author: Milad Karimi Ex3ptionaL Contact: [email protected] t.me/Ci3c0 Zone-H: www.zone-h.org/archive/notifier=Ex3ptionaL MiRROR-H: https://mirror-h.org/search/hacker/49626/ Vend...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/12/02 12:0 a.m.248 views

ABB Cylon Aspect 3.08.01 mstpstatus.php Information Disclosure

ABB Cylon Aspect 3.08.01 mstpstatus.php Information Disclosure Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.08.01 Summary: ASPECT is an award-winning scalable building energy management and...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/12/02 12:0 a.m.539 views

Laravel 11.0 Cross Site Scripting

/! - VULNERABILITY: Cross Site Scripting Laravel version 11.0 - Authenticated Persistent XSS - GOOGLE DORK: inurl:.com/?q= - GOOGLE DORK: Site:.com/?q= - DATE: 2024-12-01 - SECURITY RESEARCHER: E1.Coders - VENDOR: LARAVEL https://laravel.com/ - SOFTWARE LINK:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/12/02 12:0 a.m.298 views

Simple Chat System 1.0 Cross Site Scripting

Exploit Title:Simple Chat System 1.0 Reflected XSS Date:05/12/2024 Exploit Author:Merve Hatice Arslan Vendor Homepage:https://code-projects.org/simple-chat-system/ Sofware Link:https://download.code-projects.org/details/ec6340ea-ef68-48d9-b9b2-da397f52b2dc Version:1.0 Tested on:Linux / XAMPP...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/12/02 12:0 a.m.288 views

Nvidia GeForce 11.0.1.163 Unquoted Service Path

Exploit Title: Nvidia GeForce v11.0.1.163 - Unquoted Service Path Date: 2024-11-25 Exploit Author: Milad Karimi Ex3ptionaL Contact: [email protected] t.me/Ci3c0 Zone-H: www.zone-h.org/archive/notifier=Ex3ptionaL MiRROR-H: https://mirror-h.org/search/hacker/49626/ Vendor Homepage:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/12/02 12:0 a.m.284 views

Omada Identity Cross Site Scripting

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Stored Cross-Site Scripting product: Omada Identity vulnerable version: v15U1, v14.14 hotfix 309 fixed version: v15U1, v14.14 hotfix 309 CVE number: CVE-2024-52951 impact...

8CVSS7.1AI score0.01142EPSS
Exploits1
Packet Storm
Packet Storm
added 2024/12/02 12:0 a.m.241 views

ABB Cylon Aspect 3.08.00 fileSystemUpdate.php File Upload / Denial Of Service

ABB Cylon Aspect 3.08.00 fileSystemUpdate.php Insecure File Upload Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.08.00 Summary: ASPECT is an award-winning scalable building energy management...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/12/02 12:0 a.m.313 views

Siemens Unlocked JTAG Interface / Buffer Overflow

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Unlocked JTAG interface and buffer overflow product: Siemens SM-2558 Protocol Element extension module for Siemens SICAM AK3/TM/BC, Siemens CP-2016 & CP-2019 vulnerable...

7.8CVSS7AI score0.00468EPSS
Exploits2
Packet Storm
Packet Storm
added 2024/12/02 12:0 a.m.280 views

Russian FSB Cross Site Scripting

/! - VULNERABILITY: Cross Site Scripting Federal Security Service of the Russian Federation - Authenticated Persistent XSS - GOOGLE DORK: inurl:fsb.ru/fsb/sh.htm?query= - DATE: 2024-11-29 - SECURITY RESEARCHER: E1.Coders - VENDOR: FSB http://www.fsb.ru/ - SOFTWARE LINK: http://www.fsb.ru/ - CVSS:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/11/27 12:0 a.m.323 views

ABB Cylon Aspect 3.08.01 vstatConfigurationDownload.php Configuration Download

ABB Cylon Aspect 3.08.01 vstatConfigurationDownload.php Config Download Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.08.01 Summary: ASPECT is an award-winning scalable building energy...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/11/27 12:0 a.m.469 views

Akuvox Smart Intercom/Doorphone ServicesHTTPAPI Improper Access Control

Akuvox Smart Intercom/Doorphone ServicesHTTPAPI Improper Access Control Vendor: The Akuvox Company Product web page: https://www.akuvox.com Affected version: Doorphone: S539 S532 X916 X915 X912 R29 Intercom: E16C R20K-2 R20A-2 C313W-2 NS-2 NC-2 NX-2 Firmware: 912.30.1.137 Summary: Vandal-resistan...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/11/22 12:0 a.m.320 views

SEH utnserver Pro 20.1.22 Cross Site Scripting

St. Pölten UAS 20241118-0 ------------------------------------------------------------------------------- title| Multiple Stored Cross-Site Scripting product| SEH utnserver Pro vulnerable version| 20.1.22 fixed version| 20.1.35 CVE number| CVE-2024-11304 impact| High homepage|...

5.1CVSS7.1AI score0.00535EPSS
Exploits1
Packet Storm
Packet Storm
added 2024/11/22 12:0 a.m.405 views

needrestart Local Privilege Escalation

Qualys Security Advisory LPEs in needrestart CVE-2024-48990, CVE-2024-48991, CVE-2024-48992, CVE-2024-10224, and CVE-2024-11003 ======================================================================== Contents ======================================================================== Summary...

7.8CVSS6.9AI score0.19924EPSS
Exploits16
Packet Storm
Packet Storm
added 2024/11/22 12:0 a.m.315 views

fronsetia 1.1 XML Injection

Exploit Title: XXE OOB - fronsetiav1.1 Date: 11/2024 Exploit Author: Andrey Stoykov Version: 1.1 Tested on: Debian 12 Blog: https://msecureltd.blogspot.com/2024/11/friday-fun-pentest-series-15-oob-xxe.html XXE OOB Description: - It was found that the application was vulnerable XXE XML External...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/11/22 12:0 a.m.933 views

Linux 6.6 Race Condition

Summary I found a security-relevant race between mremap and THP code. Reaching the buggy code typically requires the ability to create unprivileged namespaces. The bug leads to installing physical address 0 as a page table, which is likely exploitable in several ways: For example, triggering the...

7CVSS7AI score0.00198EPSS
Exploits2
Packet Storm
Packet Storm
added 2024/11/22 12:0 a.m.377 views

Korenix JetPort 5601 1.2 Path Traversal

St. Pölten UAS 20241118-1 ------------------------------------------------------------------------------- title| Path Traversal product| Korenix JetPort 5601 vulnerable version| 1.2 fixed version| - CVE number| CVE-2024-11303 impact| High homepage| https://www.korenix.com/ found| 2024-05-24 by| P...

8.7CVSS7.1AI score0.0181EPSS
Exploits2
Packet Storm
Packet Storm
added 2024/11/22 12:0 a.m.417 views

ProjectSend R1605 Unauthenticated Remote Code Execution

class MetasploitModule 'ProjectSend r1295 - r1605 Unauthenticated Remote Code Execution', 'Description' = %q This module exploits an improper authorization vulnerability in ProjectSend versions r1295 through r1605. The vulnerability allows an unauthenticated attacker to obtain remote code executi...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/11/22 12:0 a.m.342 views

fronsetia 1.1 Cross Site Scripting

Exploit Title: Reflected XSS - fronsetiav1.1 Date: 11/2024 Exploit Author: Andrey Stoykov Version: 1.1 Tested on: Debian 12 Blog: https://msecureltd.blogspot.com/2024/11/friday-fun-pentest-series-14-reflected.html Reflected XSS 1 - "showoperations.jsp" Steps to Reproduce: 1. Visit main page of th...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/11/22 12:0 a.m.1061 views

CUPS IPP Attributes LAN Remote Code Execution

class MetasploitModule Msf::Exploit::Remote Rank = NormalRanking include Exploit::Remote::DNS::Common include Exploit::Remote::SocketServer include Msf::Exploit::Remote::HttpServer::HTML Accessor for IPP HTTP service attraccessor :service2 MULTICASTADDR = '224.0.0.251' Define IPP constants module...

8.6CVSS7.4AI score0.76959EPSS
Exploits17
Packet Storm
Packet Storm
added 2024/11/21 12:0 a.m.358 views

Ivanti EPM Agent Portal Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/proto/msnrtp/client' class MetasploitModule 'Ivanti EPM Agent Portal Command Execution', 'Description' = %q This module leverages an unauthenticated RCE in...

9.8CVSS7.4AI score0.12904EPSS
Exploits5
Packet Storm
Packet Storm
added 2024/11/21 12:0 a.m.422 views

Judge0 Sandbox Escape

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Judge0 sandbox escape', 'Description' = %q Judge0 does not account for symlinks placed inside the sandbox directory, which can be leveraged by an...

10CVSS7.4AI score0.07211EPSS
Exploits2
Packet Storm
Packet Storm
added 2024/11/18 12:0 a.m.384 views

Pyload Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/stopwatch' class MetasploitModule 'Pyload RCE CVE-2024-39205 with js2py sandbox escape CVE-2024-28397', 'Description' = %q CVE-2024-28397 is sandbox escape ...

9.8CVSS7AI score0.16513EPSS
Exploits22
Packet Storm
Packet Storm
added 2024/11/18 12:0 a.m.383 views

SOPlanning 1.52.01 Remote Code Execution

Exploit Title: SOPlanning 1.52.01 Simple Online Planning Tool - Remote Code Execution RCE Authenticated Date: 6th October, 2024 Exploit Author: Ardayfio Samuel Nii Aryee Version: 1.52.01 Tested on: Ubuntu import argparse import requests import random import string import urllib.parse def...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/11/14 12:0 a.m.435 views

TX Text Control .NET Server For ASP.NET Arbitrary File Read / Write

Hej, Let's keep it short ... ===== Intro ===== A "sudo make me a sandwich" security issue has been identified in the TX Text Control .NET Server for ASP.NET1. According to the vendor2, "the most powerful, MS Word compatible document editor that runs in all browsers". Likely all versions are...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/11/14 12:0 a.m.523 views

Siemens Energy Omnivise T3000 8.2 SP3 Privilege Escalation / File Download

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple vulnerabilities product: Siemens Energy Omnivise T3000 vulnerable version: =8.2 SP3 fixed version: see solution section CVE number: CVE-2024-38876, CVE-2024-3887...

9.8CVSS7.4AI score0.11452EPSS
Exploits3
Packet Storm
Packet Storm
added 2024/11/13 12:0 a.m.470 views

Siemens Energy Omnivise T3000 8.2 SP3 Privilege Escalation / File Download

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple vulnerabilities product: Siemens Energy Omnivise T3000 vulnerable version: =8.2 SP3 fixed version: see solution section CVE number: CVE-2024-38876, CVE-2024-3887...

9.8CVSS7AI score0.11452EPSS
Exploits3
Packet Storm
Packet Storm
added 2024/11/13 12:0 a.m.312 views

Palo Alto Expedition 1.2.91 Remote Code Execution

class MetasploitModule 'Palo Alto Expedition Remote Code Execution CVE-2024-5910 and CVE-2024-9464', 'Description' = %q Obtain remote code execution in Palo Alto Expedition version 1.2.91 and below. The first vulnerability, CVE-2024-5910, allows to reset the password of the admin user, and the...

9.8CVSS7.4AI score0.91783EPSS
Exploits14
Packet Storm
Packet Storm
added 2024/11/13 12:0 a.m.311 views

TX Text Control .NET Server For ASP.NET Arbitrary File Read / Write

Hej, Let's keep it short ... ===== Intro ===== A "sudo make me a sandwich" security issue has been identified in the TX Text Control .NET Server for ASP.NET1. According to the vendor2, "the most powerful, MS Word compatible document editor that runs in all browsers". Likely all versions are...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/11/13 12:0 a.m.483 views

Palo Alto Expedition 1.2.91 Remote Code Execution

class MetasploitModule 'Palo Alto Expedition Remote Code Execution CVE-2024-5910 and CVE-2024-9464', 'Description' = %q Obtain remote code execution in Palo Alto Expedition version 1.2.91 and below. The first vulnerability, CVE-2024-5910, allows to reset the password of the admin user, and the...

9.8CVSS7.3AI score0.91783EPSS
Exploits14
Packet Storm
Packet Storm
added 2024/11/07 12:0 a.m.424 views

CyberPanel upgrademysqlstatus Arbitrary Command Execution

import httpx import sys def getCSRFtokenclient: resp = client.get"/" return resp.cookies'csrftoken' def pwnclient, CSRFtoken, cmd: headers = "X-CSRFToken": CSRFtoken, "Content-Type":"application/json", "Referer": strclient.baseurl payload = '"statusfile":"/dev/null; %s; ","csrftoken":"%s"' % cmd,...

10CVSS7.1AI score0.86725EPSS
Exploits7
Packet Storm
Packet Storm
added 2024/11/07 12:0 a.m.408 views

WordPress Meetup 0.1 Authentication Bypass

CVE-2024-50483 Meetup = 0.1 - Authentication Bypass via Account Takeover Description: The Meetup plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 0.1. This is due to the plugin not properly verifying a user's identity prior to authenticating them v...

9.8CVSS7.1AI score0.02382EPSS
Exploits3
Packet Storm
Packet Storm
added 2024/11/07 12:0 a.m.523 views

TestRail CLI FieldsParser eval Injection

This is not a very exciting vulnerability, but I had already publicly disclosed it on GitHub at the request of the vendor. Since that report has disappeared, the link I had provided to MITRE was invalid, so here it is again. -Devin --- Unsafe eval in TestRail CLI FieldsParser Date Reported:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/11/05 12:0 a.m.337 views

ABB Cylon Aspect 3.08.00 Off-By-One

ABB Cylon Aspect 3.08.00 logMix/YumLookup.php Off-by-One Error in Log Parsing Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.08.00 Summary: ASPECT is an award-winning scalable building energy...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/11/04 12:0 a.m.362 views

SQLite3 generate_series Stack Buffer Underflow

Vulnerability details static int seriesBestIndex sqlite3vtab pVTab, sqlite3indexinfo pIdxInfo int i, j; / Loop over constraints / int idxNum = 0; / The query plan bitmask / ifndef ZEROARGUMENTGENERATESERIES int bStartSeen = 0; / EQ constraint seen on the START column / endif int unusableMask = 0;...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/11/04 12:0 a.m.312 views

Sysax Multi Server 6.99 Cross Site Scripting

Exploit Title: Sysax Multi Server 6.99 - Reflected XSS Date: 2024-11-03 Exploit Author: Yehia Elghaly Mrvar0x Vendor Homepage: https://www.sysax.com/ Software Link: https://www.sysax.com/download/sysaxservsetup.msi Version: MultiServer 6.99 Tested on: Windows 10 x64 Reflected XSS - Affected...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/11/04 12:0 a.m.670 views

IBM Security Verify Access Appliance Insecure Transit / Hardcoded Passwords

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory Information Title: 4 vulnerabilities in ibmsecurity Advisory URL: https://pierrekim.github.io/advisories/2024-ibmsecurity.txt Blog URL: https://pierrekim.github.io/blog/2024-11-01-ibmsecurity-4-vulnerabilities.html Date published: 2024-11-0...

10CVSS9.6AI score0.71363EPSS
Exploits10
Packet Storm
Packet Storm
added 2024/11/04 12:0 a.m.486 views

ESET NOD32 Antivirus 18.0.12.0 Unquoted Service Path

Exploit Title: ESET NOD32 Antivirus 18.0.12.0 - "ESET Service" Unquoted Service Path Exploit Author: Milad Karimi Ex3ptionaL Exploit Date: 2024-11-02 Contact: [email protected] Zone-H: www.zone-h.org/archive/notifier=Ex3ptionaL MiRROR-H: https://mirror-h.org/search/hacker/49626/ Vendor :...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/11/04 12:0 a.m.492 views

IBM Security Verify Access 32 Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory Information Title: 32 vulnerabilities in IBM Security Verify Access Advisory URL: https://pierrekim.github.io/advisories/2024-ibm-security-verify-access.txt Blog URL:...

10CVSS9.8AI score0.95764EPSS
Exploits13
Packet Storm
Packet Storm
added 2024/11/04 12:0 a.m.303 views

Sysax Multi Server 6.99 SSH Denial Of Service

Exploit Title: Sysax Multi Server 6.99 - SSH Denial of Service Date: 2024-11-03 Exploit Author: Yehia Elghaly Mrvar0x Vendor Homepage: https://www.sysax.com/ Software Link: https://www.sysax.com/download/sysaxservsetup.msi Version: Sysax Multi Server 6.99 Tested on: Windows 10 x64 Steps -- Compil...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/11/01 12:0 a.m.437 views

ABB Cylon Aspect 3.08.01 File Upload MD5 Checksum Bypass

ABB Cylon Aspect 3.08.01 badassMode File Upload MD5 Checksum Bypass Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.08.01 Summary: ASPECT is an award-winning scalable building energy managemen...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/11/01 12:0 a.m.380 views

SmartAgent 1.1.0 Remote Code Execution

Exploit Title: SmartAgent v1.1.0 - Unauthenticated Remote Code Execution Date: 01-10-2024 Exploit Author: Alter Prime Vendor Homepage: https://smarts-srlcom.com/, https://smartagent.com Version: Build v1.1.0 Tested on: Kali Linux An unauthenticated user can access a php script called...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/11/01 12:0 a.m.342 views

SmartAgent 1.1.0 Server-Side Request Forgery

Exploit Title: SmartAgent v1.1.0 - Server-Side Request Forgery SSRF Date: 01-10-2024 Exploit Author: Alter Prime Vendor Homepage: https://smarts-srlcom.com/, https://smartagent.com Version: Build v1.1.0 Tested on: Kali Linux An unauthenticated user can trigger the web server to perform web reques...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/11/01 12:0 a.m.1043 views

Ping Identity PingIDM 7.5.0 Query Filter Injection

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Query Filter Injection product: Ping Identity PingIDM formerly known as ForgeRock Identity Management vulnerable version: v7.0.0 - v7.5.0 and older unsupported versions...

2.7CVSS7.1AI score0.00671EPSS
Exploits1
Packet Storm
Packet Storm
added 2024/11/01 12:0 a.m.460 views

SmartAgent 1.1.0 SQL Injection

Exploit Title: SmartAgent v1.1.0 - Unauthenticated SQL Injection SQLi Date: 01-10-2024 Exploit Author: Alter Prime Vendor Homepage: https://smarts-srlcom.com/, https://smartagent.com Version: Build v1.1.0 Tested on: Kali Linux An unauthenticated user can inject SQL queries through a POST request ...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/10/31 12:0 a.m.312 views

Qualitor 8.24 Server-Side Request Forgery

CVE-2024-48360 | Qualitor = v8.24 Unauthenticated SSRF Description Qualitor is a platform for business process management, and this system is present in various companies in Brazil that can be identified simply by using Google dorking. Our team identified a vulnerability in the application...

7.4AI score0.03905EPSS
Exploits3
Packet Storm
Packet Storm
added 2024/10/30 12:0 a.m.372 views

ABB Cylon Aspect 3.08.01 jsonProxy.php Unauthenticated Project Download

ABB Cylon Aspect 3.08.01 jsonProxy.php Unauthenticated Project Download Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.08.01 Summary: ASPECT is an award-winning scalable building energy...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/10/30 12:0 a.m.244 views

ABB Cylon Aspect 3.08.01 jsonProxy.php Unauthenticated Remote SSH Service Control

ABB Cylon Aspect 3.08.01 jsonProxy.php Unauthenticated Remote SSH Service Control Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.08.01 Summary: ASPECT is an award-winning scalable building...

7.4AI score
Exploits0
Total number of security vulnerabilities50738