1103 matches found
Art Systems FluidDraw P5/S5 5.3n Binary Planting Arbitrary Code Execution
Summary Fluiddraw enables the creation of electrical and pneumatic circuit diagrams. The tool makes it easier to plan complete systems and implement individual components. Users access the Festo catalogue and their own imported databases and can thus benefit from evaluation functions and created...
SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x (services) Authenticated Command Injection
Summary The SOUND4 IMPACT introduces an innovative process - mono and stereo parts of the signal are processed separately to obtain perfect consistency in terms of both sound and level. Therefore, in moving reception, when the FM receiver switches from stereo to mono and back to stereo, the sound...
MiniDVBLinux 5.4 Simple VideoDiskRecorder Protocol SVDRP (svdrpsend.sh) Exploit
Summary MiniDVBLinux™ Distribution MLD. MLD offers a simple way to convert a standard PC into a Multi Media Centre based on the Video Disk Recorder VDR by Klaus Schmidinger. Features of this Linux based Digital Video Recorder: Watch TV, Timer controlled recordings, Time Shift, DVD and MP3 Replay...
meterN v1.2.3 Authenticated Remote Command Execution Vulnerability
Summary meterN is a set of PHP/JS files that make a -Home energy metering & monitoring- solution. It accepts any meters like: electrical, water, gas, fuel consumption, solar, Wind energy production and so on. Sensors such as temperature or humidity are also accepted. The philosophy is: To keep it...
ABB Cylon Aspect 3.08.03 (MIX->UserManager) Auth Bypass Create MIXAdmin
Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description ABB Cylon Aspect BMS/BAS is vulnerable to a critical flaw in the...
ECOA Building Automation System Path Traversal Arbitrary File Upload
Summary 1 The Risk-Terminator Web Graphic control BEMS Building Energy Management System are designed to provide you with the latest in the Human Machine Interface HMI technology, for completely monitoring and controlling management. It may be used singly for small and medium sized facilities,...
V-SOL GPON/EPON OLT Platform v2.03 Reflected XSS Vulnerability
Summary GPON is currently the leading FTTH standard in broadband access technology being widely deployed by service providers around the world. GPON/EPON OLT products are 1U height 19 inch rack mount products. The features of the OLT are small, convenient, flexible, easy to deploy, high...
Peplink NGxxx/LCxxx VPN-Firewall Open Redirect Vulnerability
Summary The NG500 / 520 is a high-performance VPN server, which is suitable for small and medium enterprises to use as a VPN center. It is simple to deploy and high security. At the same time, NG500 / 520 products also integrates advanced firewall features to support access to computers by group,...
Lighttpd 1.4.56 - 1.4.66 Resource Leak Denial of Service PoC
Summary lighttpd pronounced /lighty/ is a secure, fast, compliant, and very flexible web server that has been optimized for high-performance environments. lighttpd uses memory and CPU efficiently and has lower resource use than other popular web servers. Its advanced feature-set FastCGI, CGI, Aut...
Ilevia EVE X1/X5 Server 4.7.18.0.eden Insecure Hashing Algorithm
Summary EVE is a smart home and building automation solution designed for both residential and commercial environments, including malls, hotels, restaurants, bars, gyms, spas, boardrooms, and offices. It enables comprehensive control and monitoring of electrical installations through a highly...
B-swiss 3 Digital Signage System 3.6.5 CSRF Add Maintenance Admin
Summary Intelligent digital signage made easy. To go beyond the possibilities offered, b-swiss allows you to create the communication solution for your specific needs and your graphic charter. You benefit from our experience and know-how in the realization of your digital signage project...
Ilevia EVE X1/X5 Server 4.7.18.0.eden Authentication Bypass Exploit
Summary EVE is a smart home and building automation solution designed for both residential and commercial environments, including malls, hotels, restaurants, bars, gyms, spas, boardrooms, and offices. It enables comprehensive control and monitoring of electrical installations through a highly...
SoX 14.4.2 (wav.c) Division By Zero
Summary SoX Sound eXchange is the Swiss Army knife of sound processing tools: it can convert sound files between many different file formats and audio devices, and can apply many sound effects and transformations, as well as doing basic analysis and providing input to more capable analysis and...
SpinetiX Fusion Digital Signage 3.4.8 Username Enumeration Weakness
Summary At SpinetiX we inspire businesses to unlock the potential of their story. We believe in the power of digital signage as a dynamic new storytelling platform to engage with people. For more than 13 years, we have been constantly innovating to deliver cutting-edge digital signage solutions...
VBA32 Personal Antivirus 3.12.8.x (malformed archive) DoS Exploit
Summary Antivirus program for personal computers running Windows which is a reliable and, it is crucial, quick tool to detect and neutralize computer viruses, mail worms, trojan programs and other malware backdoors, adware, spyware, etc in real time and by request. Description Vba32 Personal...
SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x Cross-Site Request Forgery
Summary The SOUND4 IMPACT introduces an innovative process - mono and stereo parts of the signal are processed separately to obtain perfect consistency in terms of both sound and level. Therefore, in moving reception, when the FM receiver switches from stereo to mono and back to stereo, the sound...
SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x (username) Authentication Bypass
Summary The SOUND4 IMPACT introduces an innovative process - mono and stereo parts of the signal are processed separately to obtain perfect consistency in terms of both sound and level. Therefore, in moving reception, when the FM receiver switches from stereo to mono and back to stereo, the sound...
SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x (password) Unauthenticated Command Injection
Summary The SOUND4 IMPACT introduces an innovative process - mono and stereo parts of the signal are processed separately to obtain perfect consistency in terms of both sound and level. Therefore, in moving reception, when the FM receiver switches from stereo to mono and back to stereo, the sound...
BrightSign Digital Signage Diagnostic Web Server 8.2.26 Unauthenticated SSRF
Summary BrightSign designs media players and provides free software and cloud networking solutions for the commercial digital signage market worldwide, serving all vertical segments of the marketplace. Description Unauthenticated Server-Side Request Forgery SSRF vulnerability exists in the...
ABB Cylon FLXeon 9.3.5 (variant.js) Unauthenticated System Information Disclosure
Summary BACnet® Smart Building Controllers. ABB's BACnet portfolio features a series of BACnet® IP and BACnet MS/TP field controllers for ASPECT® and INTEGRA™ building management solutions. ABB BACnet controllers are designed for intelligent control of HVAC equipment such as central plant, boiler...
BACnet Test Server 1.01 Remote Denial of Service Exploit
Summary This is a simple BACnet Server aimed at developers who want to explore or test their BACnet Client implementations of the ASHRAE BACnet protocol. It is based on Steve Karg's fine implementation of the BACnet Stack. Description The BACNet Test Server is vulnerable to a denial of service Do...
B-swiss 3 Digital Signage System 3.6.5 Database Disclosure
Summary Intelligent digital signage made easy. To go beyond the possibilities offered, b-swiss allows you to create the communication solution for your specific needs and your graphic charter. You benefit from our experience and know-how in the realization of your digital signage project...
Schneider Electric Pelco Sarix/Spectra Cameras CSRF Enable SSH Root Access
Summary Pelco offers the broadest selection of IP cameras designed for security surveillance in a wide variety of commercial and industrial settings. From our industry-leading fixed and high-speed IP cameras to panoramic, thermal imaging, explosionproof and more, we offer a camera for any...
Adtec Digital Multiple Products Default/Hardcoded Credentials Remote Root
Summary Adtec Digital is a leading manufacturer of Broadcast, Cable and IPTV products and solutions. Description The devices utilize hard-coded and default credentials within its Linux distribution image for Web/Telnet/SSH access. A remote attacker could exploit this vulnerability by logging in...
QiHang Media Web (QH.aspx) Digital Signage 3.0.9 Cookie User Password Disclosure
Summary Digital Signage Software. Description The application suffers from a cleartext transmission/storage of sensitive information in a cookie. This allows a remote attacker to intercept the HTTP Cookie authentication credentials via a man-in-the-middle attack. QiHang Media Web QH.aspx Digital...
dbaudio R1 v2.14.4 DNS-SD Service Unquoted Service Path Privilege Escalation
Summary The R1 Remote control software succeeds the d&b ROPE C software. It is a software package designed to operate d&b amplifiers D12, D6, E-PAC with Display remotely using the d&b Remote network based on CAN-Bus technology. Description The application suffers from an unquoted search path issu...
B-swiss 3 Digital Signage System 3.6.5 Backdoor Remote Code Execution
Summary Intelligent digital signage made easy. To go beyond the possibilities offered, b-swiss allows you to create the communication solution for your specific needs and your graphic charter. You benefit from our experience and know-how in the realization of your digital signage project...
ABB Cylon Aspect 3.08.03 (MIX->HTTPDownloadServlet) Remote Code Execution
Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description ABB Cylon Aspect BMS/BAS is vulnerable to a critical flaw in the...
TP-Link TL-WR740N Wireless Router Remote Denial Of Service Exploit
Summary The TL-WR740N is a combined wired/wireless network connection device integrated with internet-sharing router and 4-port switch. The wireless N Router is 802.11b&g compatible based on 802.11n technology and gives you 802.11n performance up to 150Mbps at an even more affordable price...
ABB Cylon Aspect 3.08.03 (MIX->HTTPDownloadServlet) File Deletion
Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description ABB Cylon Aspect BMS/BAS is vulnerable to a critical flaw in the...
ABB Cylon Aspect 3.08.03 (MIX->DeploymentServlet) Remote Code Execution
Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description ABB Cylon Aspect BMS/BAS is vulnerable to a critical flaw in the...
Extreme Networks Aerohive HiveOS <=11.x Remote Denial of Service Exploit
Summary Aerohive HiveOS is the network operating system that powers all Aerohive access points, based on a feature-rich Cooperative Control architecture. HiveOS enables Aerohive devices to organize into groups, or 'hives', which allows functionality like fast roaming, user-based access control an...
Automated Logic WebCTRL 6.5 Insecure File Permissions Privilege Escalation
Summary WebCTRL®, Automated Logic's web-based building automation system, is known for its intuitive user interface and powerful integration capabilities. It allows building operators to optimize and manage all of their building systems - including HVAC, lighting, fire, elevators, and security -...
TP-Link TL-WR740N Wireless Router MitM httpd Denial Of Service
Summary The TL-WR740N is a combined wired/wireless network connection device integrated with internet-sharing router and 4-port switch. The wireless N Router is 802.11b&g compatible based on 802.11n technology and gives you 802.11n performance up to 150Mbps at an even more affordable price...
MiniDVBLinux 5.4 Unauthenticated Stream Disclosure Vulnerability
Summary MiniDVBLinux™ Distribution MLD. MLD offers a simple way to convert a standard PC into a Multi Media Centre based on the Video Disk Recorder VDR by Klaus Schmidinger. Features of this Linux based Digital Video Recorder: Watch TV, Timer controlled recordings, Time Shift, DVD and MP3 Replay...
MiniDVBLinux 5.4 Arbitrary File Read Vulnerability
Summary MiniDVBLinux™ Distribution MLD. MLD offers a simple way to convert a standard PC into a Multi Media Centre based on the Video Disk Recorder VDR by Klaus Schmidinger. Features of this Linux based Digital Video Recorder: Watch TV, Timer controlled recordings, Time Shift, DVD and MP3 Replay...
ReQuest Serious Play F3 Media Server 7.0.3 Remote Denial of Service
Summary F3 packs all the power of ReQuest's multi-zone serious Play servers into a compact powerhouse. With the ability to add unlimited NAS devices, the F3 can handle your entire family's media collection with ease. Description The device can be shutdown or rebooted by an unauthenticated attacke...
Eibiz i-Media Server Digital Signage 3.8.0 Remote Privilege Escalation / Account Takeover
Summary EIBIZ develop advertising platform for out of home media in that time the world called "Digital Signage". Because most business customers still need get outside to get in touch which products and services. Online media alone cannot serve them right place, right time. Description The...
QiHang Media Web (QH.aspx) Digital Signage 3.0.9 Cleartext Credentials Disclosure
Summary Digital Signage Software. Description The application suffers from clear-text credentials disclosure vulnerability that allows an unauthenticated attacker to issue a request to an unprotected directory that hosts an XML file '/xml/User/User.xml' and obtain administrative login information...
ReQuest Serious Play Media Player 3.0 Directory Traversal File Disclosure Vulnerability
Summary With the MediaPlayer, ReQuest delivers video content and award-winning distributed music capabilities. Up to 4 MediaPlayers (15 when coupled with an approved NAS) can be connected through your home network to your ReQuest system, delivering HD video to your television in 1080p via HDMI...
Allworx Server Manager Multiple Cross-Site Scripting Vulnerabilities
Summary The Allworx phone system enables users to manage voicemails in the Allworx Message Center and customize the personal phone system configurations using My Allworx Manager. Description Allworx server manager interface suffers from multiple reflected XSS vulnerabilities when input passed via...
Eibiz i-Media Server Digital Signage 3.8.0 (oldfile) File Path Traversal
Summary EIBIZ develop advertising platform for out of home media in that time the world called "Digital Signage". Because most business customers still need get outside to get in touch which products and services. Online media alone cannot serve them right place, right time. Description i-Media...
Eibiz i-Media Server Digital Signage 3.8.0 Configuration Disclosure
Summary EIBIZ develop advertising platform for out of home media in that time the world called "Digital Signage". Because most business customers still need get outside to get in touch which products and services. Online media alone cannot serve them right place, right time. Description i-Media...
ABB Cylon Aspect 3.08.03 (productRemovalUpdate.php) Remote Code Execution
Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The ABB BMS/BAS controller suffers from an authenticated blind OS...
SonicDICOM PACS 2.3.2 Remote Vertical Privilege Escalation Exploit
Summary SonicDICOM is PACS software that combines the capabilities of DICOM Server with web browser based DICOM Viewer. Description The application suffers from a privilege escalation vulnerability. A normal user can elevate his/her privileges by sending an HTTP PATCH request setting the parameter...
SpinetiX Fusion Digital Signage 3.4.8 CSRF Add Admin Exploit
Summary At SpinetiX we inspire businesses to unlock the potential of their story. We believe in the power of digital signage as a dynamic new storytelling platform to engage with people. For more than 13 years, we have been constantly innovating to deliver cutting-edge digital signage solutions...
Ilevia EVE X1/X5 Server 4.7.18.0.eden Reverse Rootshell
Summary EVE is a smart home and building automation solution designed for both residential and commercial environments, including malls, hotels, restaurants, bars, gyms, spas, boardrooms, and offices. It enables comprehensive control and monitoring of electrical installations through a highly...
Hikvision Digital Video Recorder Cross-Site Request Forgery
Summary Hikvision is the global leader of video surveillance products and solutions, manufactures a wide range of top-quality, reliable, and professional solutions. Description The application interface allows users to perform certain actions via HTTP requests without performing any validity chec...
TP-Link NC200/NC220 Cloud Camera 300Mbps Wi-Fi Hard-Coded Credentials
Summary Designed with simplicity in mind, TP-LINK's Cloud Cameras are a fast and trouble free way to keep track on what's going on in and around your home. Video monitoring, recording and sharing has never been easier with the use of TP-LINK’s Cloud service. The excitement of possibilities never...
Ilevia EVE X1/X5 Server 4.7.18.0.eden Authenticated Remote Command Injections
Summary EVE is a smart home and building automation solution designed for both residential and commercial environments, including malls, hotels, restaurants, bars, gyms, spas, boardrooms, and offices. It enables comprehensive control and monitoring of electrical installations through a highly...