Lucene search
K
ZeroscienceMost viewed

1109 matches found

Zero Science Lab
Zero Science Lab
added 2023/04/10 12:0 a.m.246 views

Sielco PolyEco Digital FM Transmitter 2.0.6 Default Credentials

Summary PolyEco is the innovative family of high-end digital FM transmitters of Sielco. They are especially suited as high performance power system exciters or compact low-mid power transmitters. The same cabinet may in fact be fitted with 50, 100, 300, 500, 1000W power stage PolyEco50, 100, 300,...

9.8CVSS7.3AI score0.00494EPSS
Exploits1
Zero Science Lab
Zero Science Lab
added 2022/12/14 12:0 a.m.246 views

SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x (ping.php) Conditional Command Injection

Summary The SOUND4 IMPACT introduces an innovative process - mono and stereo parts of the signal are processed separately to obtain perfect consistency in terms of both sound and level. Therefore, in moving reception, when the FM receiver switches from stereo to mono and back to stereo, the sound...

8.5CVSS6AI score0.03353EPSS
Exploits2
Zero Science Lab
Zero Science Lab
added 2023/04/10 12:0 a.m.245 views

Sielco PolyEco Digital FM Transmitter 2.0.6 Account Takeover / Lockout / EoP

Summary PolyEco is the innovative family of high-end digital FM transmitters of Sielco. They are especially suited as high performance power system exciters or compact low-mid power transmitters. The same cabinet may in fact be fitted with 50, 100, 300, 500, 1000W power stage PolyEco50, 100, 300,...

9.8CVSS7.3AI score0.00536EPSS
Exploits1
Zero Science Lab
Zero Science Lab
added 2023/02/27 12:0 a.m.243 views

Osprey Pump Controller 1.0.1 Unauthenticated File Disclosure

Summary Providing pumping systems and automated controls for golf courses and turf irrigation, municipal water and sewer, biogas, agricultural, and industrial markets. Osprey: door-mounted, irrigation and landscape pump controller. Technology hasn't changed dramatically on pump and electric motor...

7.5CVSS7.1AI score0.01537EPSS
Exploits1
Zero Science Lab
Zero Science Lab
added 2023/04/10 12:0 a.m.242 views

Sielco PolyEco Digital FM Transmitter 2.0.6 'polyeco' Session Hijacking

Summary PolyEco is the innovative family of high-end digital FM transmitters of Sielco. They are especially suited as high performance power system exciters or compact low-mid power transmitters. The same cabinet may in fact be fitted with 50, 100, 300, 500, 1000W power stage PolyEco50, 100, 300,...

9.8CVSS7.3AI score0.00469EPSS
Exploits1
Zero Science Lab
Zero Science Lab
added 2023/04/10 12:0 a.m.242 views

Sielco PolyEco Digital FM Transmitter 2.0.6 Authentication Bypass Exploit

Summary PolyEco is the innovative family of high-end digital FM transmitters of Sielco. They are especially suited as high performance power system exciters or compact low-mid power transmitters. The same cabinet may in fact be fitted with 50, 100, 300, 500, 1000W power stage PolyEco50, 100, 300,...

9.8CVSS7.3AI score0.00653EPSS
Exploits1
Zero Science Lab
Zero Science Lab
added 2019/09/26 12:0 a.m.242 views

V-SOL GPON/EPON OLT Platform v2.03 Cross-Site Request Forgery

Summary GPON is currently the leading FTTH standard in broadband access technology being widely deployed by service providers around the world. GPON/EPON OLT products are 1U height 19 inch rack mount products. The features of the OLT are small, convenient, flexible, easy to deploy, high...

5.1CVSS5.8AI score0.00145EPSS
Exploits1
Zero Science Lab
Zero Science Lab
added 2025/05/22 12:0 a.m.241 views

ABB Cylon Aspect 3.08.03 (MIX->NTPServlet) Time Manipulation

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description ABB Cylon Aspect MIX's NTPServlet allows NTP config changes via the...

5.8AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2022/12/14 12:0 a.m.241 views

SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x Directory Traversal File Write Exploit

Summary The SOUND4 IMPACT introduces an innovative process - mono and stereo parts of the signal are processed separately to obtain perfect consistency in terms of both sound and level. Therefore, in moving reception, when the FM receiver switches from stereo to mono and back to stereo, the sound...

8.8CVSS6AI score0.01042EPSS
Exploits2
Zero Science Lab
Zero Science Lab
added 2026/03/02 12:0 a.m.240 views

Honeywell Trend IQ4xx BMS Controller Unauthenticated Remote Web-HMI Control And Lockout

Summary The Honeywell IQ4 Trend IQ4 is a line of intelligent building-management controllers designed to provide advanced unitary control, HVAC integration, and scalable I/O expansion for commercial environments. These controllers use Ethernet and TCP/IP networking with embedded XML, support BACn...

10CVSS5.7AI score0.05585EPSS
Exploits1
Zero Science Lab
Zero Science Lab
added 2020/09/30 12:0 a.m.240 views

Sony IPELA Network Camera (ftpclient.cgi) Remote Stack Buffer Overflow

Summary IPELA is Sony's vision of the ultimate workplace, designed to revolutionize the way business communicates over global IP networks. IPELA products can improve the efficiency of your organization by connecting people and places with high-quality audio and video. The SNC-DH120T is an indoor...

6.5AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2025/05/19 12:0 a.m.239 views

ABB Cylon FLXeon 9.3.5 (siteGuide.js) Authenticated Directory Traversal

Summary BACnet® Smart Building Controllers. ABB's BACnet portfolio features a series of BACnet® IP and BACnet MS/TP field controllers for ASPECT® and INTEGRA™ building management solutions. ABB BACnet controllers are designed for intelligent control of HVAC equipment such as central plant, boiler...

6AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2025/03/31 12:0 a.m.239 views

Ksenia Security Lares WebServer Home Automation Remote Code Execution

Summary Lares is a burglar alarm & home automation system that can be controlled by means of an ergo LCD keyboard, as well as remotely by telephone, and even via the Internet through a built-in WEB server. Description The device provides access to an unprotected endpoint, enabling the upload of...

9.8CVSS6AI score0.00433EPSS
Exploits1
Zero Science Lab
Zero Science Lab
added 2025/03/31 12:0 a.m.238 views

Ksenia Security Lares WebServer Home Automation Default Credentials

Summary Lares is a burglar alarm & home automation system that can be controlled by means of an ergo LCD keyboard, as well as remotely by telephone, and even via the Internet through a built-in WEB server. Description Ksenia Lares uses a weak set of default administrative credentials that can be...

9.8CVSS5.8AI score0.0053EPSS
Exploits2
Zero Science Lab
Zero Science Lab
added 2024/10/06 12:0 a.m.238 views

ABB Cylon Aspect 3.08.01 (logYumLookup.php) Unauthenticated File Disclosure

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The building management system suffers from an unauthenticated...

5.8AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2022/01/27 12:0 a.m.238 views

Fetch Softworks Fetch FTP Client 5.8 Remote CPU Consumption (Denial of Service)

Summary Fetch is a reliable, full-featured file transfer client for the Apple Macintosh whose user interface emphasizes simplicity and ease of use. Fetch supports FTP and SFTP, the most popular file transfer protocols on the Internet for compatibility with thousands of Internet service providers,...

7.5CVSS5.8AI score0.00358EPSS
Exploits1
Zero Science Lab
Zero Science Lab
added 2025/05/19 12:0 a.m.237 views

ABB Cylon FLXeon 9.3.5 (bbmdList.js) Authenticated Config Poisoning

Summary BACnet® Smart Building Controllers. ABB's BACnet portfolio features a series of BACnet® IP and BACnet MS/TP field controllers for ASPECT® and INTEGRA™ building management solutions. ABB BACnet controllers are designed for intelligent control of HVAC equipment such as central plant, boiler...

5.9AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2025/02/11 12:0 a.m.237 views

ABB Cylon FLXeon 9.3.4 Limited Cross-Site Request Forgery (RCE)

Summary BACnet® Smart Building Controllers. ABB's BACnet portfolio features a series of BACnet® IP and BACnet MS/TP field controllers for ASPECT® and INTEGRA™ building management solutions. ABB BACnet controllers are designed for intelligent control of HVAC equipment such as central plant, boiler...

5.9AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2024/10/28 12:0 a.m.237 views

ABB Cylon Aspect 3.08.01 (getApplicationNamesJS.php) Building/Project Name Exposure

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The building management system suffers from an unauthenticated...

5.8AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2022/10/16 12:0 a.m.237 views

MiniDVBLinux 5.4 Remote Root Command Execution Vulnerability

Summary MiniDVBLinuxTM Distribution MLD. MLD offers a simple way to convert a standard PC into a Multi Media Centre based on the Video Disk Recorder VDR by Klaus Schmidinger. Features of this Linux based Digital Video Recorder: Watch TV, Timer controlled recordings, Time Shift, DVD and MP3 Replay...

9.8CVSS6.2AI score0.01261EPSS
Exploits3
Zero Science Lab
Zero Science Lab
added 2014/10/25 12:0 a.m.235 views

CBN CH6640E/CG6640E Wireless Gateway Series Multiple Vulnerabilities

Summary The CBN CH6640E/CG6640E Wireless Gateway is designed for your home, home office, or small business/enterprise. It can be used in households with one or more computers capable of wireless connectivity for remote access to the wireless gateway. Description The CBN modem gateway suffers from...

5.8AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2021/03/18 12:0 a.m.234 views

KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 Unauthenticated Log Disclosure

Summary JT3500V is a most advanced LTE-A Pro CAT12 indoor Wi-Fi & VoIP CPE product specially designed to enable quick and easy LTE fixed data service deployment for residential and SOHO customers. It provides high speed LAN, Wi-Fi and VoIP integrated services to end users who need both bandwidth...

5.7AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2025/06/04 12:0 a.m.233 views

ABB Cylon Aspect 3.08.04 (DeploySource) Unauthenticated Remote Code Execution

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description ABB Cylon Aspect BMS/BAS is vulnerable to a critical flaw in the...

6.1AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2024/10/06 12:0 a.m.233 views

ABB Cylon Aspect 3.08.01 (caldavUtil.php) Remote Code Execution

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The ABB BMS/BAS controller suffers from an unauthenticated OS command...

6.1AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2022/12/09 12:0 a.m.232 views

Spitfire CMS 1.0.475 (cms_backup_values) PHP Object Injection

Summary Spitfire is a system to manage the content of webpages. Description The application is prone to a PHP Object Injection vulnerability due to the unsafe use of unserialize function. A potential attacker, authenticated, could exploit this vulnerability by sending specially crafted requests t...

8.8CVSS7.3AI score0.18233EPSS
Exploits2
Zero Science Lab
Zero Science Lab
added 2022/12/14 12:0 a.m.231 views

SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x (PHPTail) Unauthenticated File Disclosure

Summary The SOUND4 IMPACT introduces an innovative process - mono and stereo parts of the signal are processed separately to obtain perfect consistency in terms of both sound and level. Therefore, in moving reception, when the FM receiver switches from stereo to mono and back to stereo, the sound...

8.7CVSS5.9AI score0.01349EPSS
Exploits2
Zero Science Lab
Zero Science Lab
added 2026/01/23 12:0 a.m.230 views

Lighttpd 1.4.56 - 1.4.66 Resource Leak Denial of Service PoC

Summary lighttpd pronounced /lighty/ is a secure, fast, compliant, and very flexible web server that has been optimized for high-performance environments. lighttpd uses memory and CPU efficiently and has lower resource use than other popular web servers. Its advanced feature-set FastCGI, CGI, Aut...

7.5CVSS7AI score0.02714EPSS
Exploits4
Zero Science Lab
Zero Science Lab
added 2021/09/08 12:0 a.m.230 views

ECOA Building Automation System Arbitrary File Deletion

Summary 1 The Risk-Terminator Web Graphic control BEMS Building Energy Management System are designed to provide you with the latest in the Human Machine Interface HMI technology, for completely monitoring and controlling management. It may be used singly for small and medium sized facilities,...

9.1CVSS7.4AI score0.01147EPSS
Exploits1
Zero Science Lab
Zero Science Lab
added 2010/05/26 12:0 a.m.230 views

Adobe Photoshop CS4 Extended 11.0 ABR File Handling Remote Buffer Overflow PoC

Summary The Adobe® Photoshop® family of products is the ultimate playground for bringing out the best in your digital images, transforming them into anything you can imagine and showcasing them in extraordinary ways. Description Adobe Photoshop CS4 Extended suffers from a buffer overflow...

9.3CVSS6.3AI score0.19641EPSS
Exploits15
Zero Science Lab
Zero Science Lab
added 2025/11/06 12:0 a.m.228 views

Ilevia EVE X1/X5 Server 4.7.18.0.eden Insecure Hashing Algorithm

Summary EVE is a smart home and building automation solution designed for both residential and commercial environments, including malls, hotels, restaurants, bars, gyms, spas, boardrooms, and offices. It enables comprehensive control and monitoring of electrical installations through a highly...

8.2CVSS5.8AI score0.00287EPSS
Exploits2
Zero Science Lab
Zero Science Lab
added 2025/03/06 12:0 a.m.227 views

ABB Cylon Aspect 3.08.01 (caldavUpload.php) Funkalicious Exploit

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description Yo, check it - the ABB BMS/BAS system's got a slick little weakness i...

5.8AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2024/10/30 12:0 a.m.227 views

ABB Cylon Aspect 3.08.01 (jsonProxy.php) Denial of Service

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The jsonProxy.php endpoint on the ABB BMS/BAS controller is vulnerabl...

5.8AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2024/10/10 12:0 a.m.227 views

ABB Cylon Aspect 3.07.02 (sshUpdate.php) Unauthenticated Remote SSH Service Control

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The BMS/BAS controller suffers from a vulnerability that allows an...

5.8AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2021/09/08 12:0 a.m.227 views

ECOA Building Automation System Missing Encryption Of Sensitive Information

Summary 1 The Risk-Terminator Web Graphic control BEMS Building Energy Management System are designed to provide you with the latest in the Human Machine Interface HMI technology, for completely monitoring and controlling management. It may be used singly for small and medium sized facilities,...

7.3CVSS7.2AI score0.00415EPSS
Exploits1
Zero Science Lab
Zero Science Lab
added 2025/05/22 12:0 a.m.226 views

ABB Cylon Aspect 3.08.03 (logMixDownload.php) Remote Code Execution

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The ABB BMS/BAS controller suffers from an authenticated blind OS...

6.1AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2022/12/14 12:0 a.m.226 views

SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x Authorization Bypass (IDOR)

Summary The SOUND4 IMPACT introduces an innovative process - mono and stereo parts of the signal are processed separately to obtain perfect consistency in terms of both sound and level. Therefore, in moving reception, when the FM receiver switches from stereo to mono and back to stereo, the sound...

9.8CVSS5.9AI score0.00758EPSS
Exploits2
Zero Science Lab
Zero Science Lab
added 2021/09/08 12:0 a.m.226 views

ECOA Building Automation System Hard-coded Credentials SSH Access

Summary 1 The Risk-Terminator Web Graphic control BEMS Building Energy Management System are designed to provide you with the latest in the Human Machine Interface HMI technology, for completely monitoring and controlling management. It may be used singly for small and medium sized facilities,...

10CVSS7.3AI score0.01989EPSS
Exploits1
Zero Science Lab
Zero Science Lab
added 2022/12/14 12:0 a.m.225 views

SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x (username) Stored Cross-Site Scripting

Summary The SOUND4 IMPACT introduces an innovative process - mono and stereo parts of the signal are processed separately to obtain perfect consistency in terms of both sound and level. Therefore, in moving reception, when the FM receiver switches from stereo to mono and back to stereo, the sound...

7.2CVSS6.1AI score0.00393EPSS
Exploits2
Zero Science Lab
Zero Science Lab
added 2025/05/22 12:0 a.m.224 views

ABB Cylon Aspect 3.08.02 (MIX) Session Validation Bypass

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description ABB Cylon Aspect suffers from a broken session management issue. The...

5.8AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2022/10/16 12:0 a.m.223 views

MiniDVBLinux 5.4 Config Download Exploit

Summary MiniDVBLinuxTM Distribution MLD. MLD offers a simple way to convert a standard PC into a Multi Media Centre based on the Video Disk Recorder VDR by Klaus Schmidinger. Features of this Linux based Digital Video Recorder: Watch TV, Timer controlled recordings, Time Shift, DVD and MP3 Replay...

5.8AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2024/10/10 12:0 a.m.221 views

ABB Cylon Aspect 3.08.01 (persistenceManagerAjax.php) Directory Traversal

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The BMS/BAS controller has a directory traversal vulnerability that c...

5.9AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2021/09/08 12:0 a.m.221 views

ECOA Building Automation System Weak Default Credentials

Summary 1 The Risk-Terminator Web Graphic control BEMS Building Energy Management System are designed to provide you with the latest in the Human Machine Interface HMI technology, for completely monitoring and controlling management. It may be used singly for small and medium sized facilities,...

9.8CVSS7.3AI score0.00919EPSS
Exploits1
Zero Science Lab
Zero Science Lab
added 2019/09/26 12:0 a.m.221 views

V-SOL GPON/EPON OLT Platform v2.03 Unauthenticated Configuration Download

Summary GPON is currently the leading FTTH standard in broadband access technology being widely deployed by service providers around the world. GPON/EPON OLT products are 1U height 19 inch rack mount products. The features of the OLT are small, convenient, flexible, easy to deploy, high...

8.7CVSS5.7AI score0.00355EPSS
Exploits1
Zero Science Lab
Zero Science Lab
added 2025/05/22 12:0 a.m.220 views

ABB Cylon Aspect 3.08.03 (logYumLookup.php) Hybrid Path Traversal

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The ABB Cylon Aspect BAS controller is vulnerable to an authenticated...

5.9AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2021/09/08 12:0 a.m.219 views

ECOA Building Automation System Configuration Download Information Disclosure

Summary 1 The Risk-Terminator Web Graphic control BEMS Building Energy Management System are designed to provide you with the latest in the Human Machine Interface HMI technology, for completely monitoring and controlling management. It may be used singly for small and medium sized facilities,...

10CVSS7.3AI score0.01926EPSS
Exploits1
Zero Science Lab
Zero Science Lab
added 2017/04/30 12:0 a.m.219 views

Emby MediaServer 3.2.5 Password Reset Vulnerability

Summary Emby formerly Media Browser is a media server designed to organize, play, and stream audio and video to a variety of devices. Emby is open-source, and uses a client-server model. Two comparable media servers are Plex and Windows Media Center. Description The issue can be triggered by an...

5.7AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2022/12/14 12:0 a.m.218 views

SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x Unauthenticated Radio Stream Disclosure

Summary The SOUND4 IMPACT introduces an innovative process - mono and stereo parts of the signal are processed separately to obtain perfect consistency in terms of both sound and level. Therefore, in moving reception, when the FM receiver switches from stereo to mono and back to stereo, the sound...

7.5CVSS5.8AI score0.00726EPSS
Exploits2
Zero Science Lab
Zero Science Lab
added 2022/12/14 12:0 a.m.218 views

SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x (sound4server) Hardcoded Credentials

Summary The SOUND4 IMPACT introduces an innovative process - mono and stereo parts of the signal are processed separately to obtain perfect consistency in terms of both sound and level. Therefore, in moving reception, when the FM receiver switches from stereo to mono and back to stereo, the sound...

9.8CVSS5.8AI score0.00512EPSS
Exploits2
Zero Science Lab
Zero Science Lab
added 2025/05/22 12:0 a.m.217 views

ABB Cylon Aspect 3.08.03 (MIX->UserManager) Auth Bypass Create MIXAdmin

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description ABB Cylon Aspect BMS/BAS is vulnerable to a critical flaw in the...

5.9AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2021/09/08 12:0 a.m.217 views

ECOA Building Automation System Remote Privilege Escalation

Summary 1 The Risk-Terminator Web Graphic control BEMS Building Energy Management System are designed to provide you with the latest in the Human Machine Interface HMI technology, for completely monitoring and controlling management. It may be used singly for small and medium sized facilities,...

8.8CVSS7.3AI score0.00718EPSS
Exploits1
Total number of security vulnerabilities1109