Lucene search
K
ZeroscienceRecent

1109 matches found

Zero Science Lab
Zero Science Lab
added 2025/01/06 12:0 a.m.679 views

ABB Cylon Aspect 3.08.02 (CookieDB) SQL Injection

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The ABB BMS/BAS controller suffers from an SQL injection through the...

7.7CVSS7.4AI score0.00274EPSS
Exploits2
Zero Science Lab
Zero Science Lab
added 2025/01/06 12:0 a.m.619 views

ABB Cylon Aspect 3.08.02 Cookie User Password Disclosure

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The application suffers from cleartext transmission and storage of...

8.7CVSS7.2AI score0.01497EPSS
Exploits3
Zero Science Lab
Zero Science Lab
added 2025/01/06 12:0 a.m.551 views

ABB Cylon Aspect 3.08.03 (MapServicesHandler) Authenticated Reflected XSS

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The ABB BMS/BAS controller suffers from an authenticated reflected...

5.9AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2025/01/06 12:0 a.m.558 views

ABB Cylon Aspect 3.08.03 Hard-coded Secrets

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The ABB Cylon Aspect BMS/BAS controller contains multiple instances o...

9.8CVSS5.8AI score0.00595EPSS
Exploits1
Zero Science Lab
Zero Science Lab
added 2025/01/06 12:0 a.m.542 views

ABB Cylon Aspect 3.08.03 (CookieDB) SQL Injection

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The ABB BMS/BAS controller suffers from an SQL injection through the...

6.1AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2025/01/03 12:0 a.m.619 views

ABB Cylon Aspect 4.00.00 (factorySaved.php) Unauthenticated XSS

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The ABB Cylon Aspect BMS/BAS controller suffers from an unauthenticat...

6AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2025/01/03 12:0 a.m.627 views

ABB Cylon Aspect 4.00.00 (factorySetSerialNum.php) Remote Code Execution

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The ABB Cylon Aspect BMS/BAS controller suffers from an unauthenticat...

6.1AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2025/01/03 12:0 a.m.603 views

ABB Cylon Aspect 3.08.03 (webServerDeviceLabelUpdate.php) File Write DoS

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The ABB Cylon Aspect BMS/BAS controller suffers from an authenticated...

5.9AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2024/12/30 12:0 a.m.365 views

ABB Cylon Aspect 3.08.02 (ethernetUpdate.php) Authenticated Path Traversal

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The ABB Cylon controller suffers from an authenticated path traversal...

5.9AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2024/12/30 12:0 a.m.381 views

ABB Cylon Aspect 3.08.02 (deployStart.php) Unauthenticated Command Execution

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The ABB Cylon Aspect BMS/BAS controller suffers from an unauthenticat...

10CVSS5.9AI score0.02073EPSS
Exploits4
Zero Science Lab
Zero Science Lab
added 2024/12/27 12:0 a.m.432 views

ABB Cylon Aspect 3.08.02 (clearProjectConfigurationAjax.php) Remote Code Execution

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The ABB BMS/BAS controller suffers from an authenticated blind OS...

6.1AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2024/12/27 12:0 a.m.427 views

ABB Cylon Aspect 3.08.02 (calendarUpdate.php) Remote Code Execution

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The ABB BMS/BAS controller suffers from an authenticated blind OS...

6.1AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2024/12/27 12:0 a.m.399 views

ABB Cylon Aspect 3.08.02 (clearProjectConfigurationAjax.php) File Deletion

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The BMS/BAS controller suffers from an arbitrary file deletion...

5.9AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2024/12/24 12:0 a.m.491 views

ABB Cylon Aspect 3.08.02 (WatchDogServlet) Authenticated Reflected XSS

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The ABB BMS/BAS controller suffers from an authenticated reflected...

9.3CVSS7.5AI score0.01099EPSS
Exploits7
Zero Science Lab
Zero Science Lab
added 2024/12/23 12:0 a.m.427 views

ABB Cylon Aspect 3.08.02 (syslogUpdate.php) Remote Code Execution

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The ABB BMS/BAS controller suffers from an authenticated OS command...

10CVSS7.5AI score0.02846EPSS
Exploits10
Zero Science Lab
Zero Science Lab
added 2024/12/16 12:0 a.m.350 views

ABB Cylon Aspect 3.08.02 (editOverride.php) Authentication Bypass MIX Override

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The ABB Cylon Aspect BMS/BAS controller allows users to bypass...

10CVSS5.9AI score0.02073EPSS
Exploits4
Zero Science Lab
Zero Science Lab
added 2024/12/13 12:0 a.m.330 views

ABB Cylon Aspect 3.08.02 (aspectMemory.php) Arbitrary Heap Memory Configuration

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description An authenticated access vulnerability in the aspectMemory.php script ...

10CVSS7.4AI score0.13516EPSS
Exploits4
Zero Science Lab
Zero Science Lab
added 2024/12/12 12:0 a.m.376 views

ABB Cylon Aspect 3.07.00 (obtainPorts.php) Remote Code Execution

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The ABB BMS/BAS controller suffers from an unauthenticated blind OS...

6AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2024/12/12 12:0 a.m.330 views

ABB Cylon Aspect 3.07.00 (obtainPorts.php) Configuration Manipulation

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The obtainPorts.php script is accessible without authentication,...

5.8AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2024/12/12 12:0 a.m.385 views

ABB Cylon Aspect 3.08.01 (portQueueAjax.php) Information Disclosure

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The portQueueAjax.php endpoint on ABB Cylon Aspect BMS/BAS controller...

5.8AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2024/12/11 12:0 a.m.380 views

ABB Cylon Aspect 3.08.02 Unauthenticated Configuration Disclosure

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The ABB Cylon Aspect BMS/BAS system suffers from an unauthenticated...

5.7AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2024/12/11 12:0 a.m.674 views

ABB Cylon Aspect 3.08.02 (API/Servlets) Server-Side Request Forgery (SSRF)

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description ABB Cylon Aspect is affected by multiple Server-Side Request Forgery...

9.9CVSS5.9AI score0.00501EPSS
Exploits1
Zero Science Lab
Zero Science Lab
added 2024/12/11 12:0 a.m.329 views

ABB Cylon Aspect 3.08.01 Unauthenticated DB Download

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description An unauthenticated vulnerability in ABB Cylon Aspect BMS/BAS allows t...

5.8AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2024/12/10 12:0 a.m.393 views

ABB Cylon Aspect 3.08.02 (tscConfiguration.php) Authenticated Reflected XSS

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The ABB BMS/BAS controller suffers from an authenticated reflected...

5.9AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2024/12/08 12:0 a.m.296 views

ABB Cylon Aspect 3.08.02 (altlogin.php) Unauthenticated Reflected XSS

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The ABB BMS/BAS controller suffers from an unauthenticated reflected...

10CVSS6AI score0.02073EPSS
Exploits4
Zero Science Lab
Zero Science Lab
added 2024/12/08 12:0 a.m.626 views

ABB Cylon Aspect 3.08.01 (oosManagerAjax.php) Information Manipulation

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The ABB BMS/BAS controller suffers from an unauthenticated informatio...

8.8CVSS5.7AI score0.00341EPSS
Exploits2
Zero Science Lab
Zero Science Lab
added 2024/12/08 12:0 a.m.701 views

ABB Cylon Aspect 3.08.01 (combinedStats.php) Information Disclosure

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The ABB BMS/BAS controller suffers from an unauthenticated informatio...

8.8CVSS5.8AI score0.00341EPSS
Exploits2
Zero Science Lab
Zero Science Lab
added 2024/12/08 12:0 a.m.361 views

ABB Cylon Aspect 3.08.02 (fileSystemUpdate.php) Remote Guest2Root Exploit

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The ABB BMS/BAS controller is vulnerable to code execution and sudo...

10CVSS8.1AI score0.02846EPSS
Exploits10
Zero Science Lab
Zero Science Lab
added 2024/12/08 12:0 a.m.516 views

ABB Cylon Aspect 3.08.01 (pupDumpStats.php) Information Disclosure

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. The AAM PUP Primary Utility Protocol is a proprietary protocol supported by certa...

5.8AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2024/12/07 12:0 a.m.362 views

ABB Cylon Aspect 3.08.02 (userManagement.php) Cross-Site Request Forgery

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The ABB BMS/BAS controller allows users to perform certain actions vi...

7.3CVSS5.8AI score0.00656EPSS
Exploits2
Zero Science Lab
Zero Science Lab
added 2024/12/06 12:0 a.m.611 views

ABB Cylon Aspect 3.08.02 (fileSystemUpdateExecute.php) Remote Code Execution

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The ABB BMS/BAS controller suffers from an authenticated OS command...

10CVSS7.5AI score0.02846EPSS
Exploits10
Zero Science Lab
Zero Science Lab
added 2024/12/06 12:0 a.m.344 views

ABB Cylon Aspect 3.08.02 (servicesUpdate.php) Remote Code Execution

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The ABB BMS/BAS controller suffers from an authenticated blind OS...

10CVSS7.6AI score0.02846EPSS
Exploits10
Zero Science Lab
Zero Science Lab
added 2024/12/06 12:0 a.m.386 views

ABB Cylon Aspect 3.08.01 (servicesUpdate.php) Remote Code Execution

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The ABB BMS/BAS controller suffers from an unauthenticated blind OS...

10CVSS7.6AI score0.02846EPSS
Exploits10
Zero Science Lab
Zero Science Lab
added 2024/11/28 12:0 a.m.263 views

ABB Cylon Aspect 3.08.00 (fileSystemUpdate.php) Insecure File Upload

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description A vulnerability exists in the fileSystemUpdate.php endpoint of the AB...

5.9AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2024/11/28 12:0 a.m.302 views

ABB Cylon Aspect 3.08.01 (mstpstatus.php) Information Disclosure

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The ABB BMS/BAS controller suffers from an unauthenticated informatio...

5.8AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2024/11/27 12:0 a.m.301 views

ABB Cylon Aspect 3.08.01 (diagLateThread.php) Information Disclosure

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The ABB BMS/BAS controller suffers from an unauthenticated informatio...

5.8AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2024/11/26 12:0 a.m.361 views

Akuvox Smart Intercom/Doorphone ServicesHTTPAPI Improper Access Control

Summary Vandal-resistant Door Phone for High-end Buildings. Offering top-of-the-line features, Akuvox X912 is targeted at high-end residential and commercial projects. With a compact size, it is perfect for buildings with limited installation space. Description The Akuvox Smart Intercom/Doorphone...

8.7CVSS5.8AI score0.0021EPSS
Exploits1
Zero Science Lab
Zero Science Lab
added 2024/11/26 12:0 a.m.302 views

ABB Cylon Aspect 3.08.01 (vstatConfigurationDownload.php) Config Download

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. The addition of vSTAT, a Virtual Zone application, allows for authorised users to...

5.8AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2024/11/05 12:0 a.m.331 views

ABB Cylon Aspect 3.08.00 (log(Mix/Yum)Lookup.php) Off-by-One Error in Log Parsing

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description A vulnerability was identified in a PHP script where an off-by-one...

5.8AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2024/10/31 12:0 a.m.298 views

ABB Cylon Aspect 3.08.01 (badassMode) File Upload MD5 Checksum Bypass

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The ABB BMS/BAS system has a vulnerability in caldavInstall.php,...

5.8AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2024/10/30 12:0 a.m.332 views

ABB Cylon Aspect 3.08.01 (jsonProxy.php) Unauthenticated Reflected XSS

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The ABB BMS/BAS controller suffers from an unauthenticated reflected...

5.9AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2024/10/30 12:0 a.m.484 views

ABB Cylon Aspect 3.08.01 (jsonProxy.php) Servlet Inclusion Authentication Bypass

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The ABB BMS/BAS controller is vulnerable to remote, arbitrary servlet...

6AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2024/10/30 12:0 a.m.227 views

ABB Cylon Aspect 3.08.01 (jsonProxy.php) Denial of Service

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The jsonProxy.php endpoint on the ABB BMS/BAS controller is vulnerabl...

5.8AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2024/10/30 12:0 a.m.262 views

ABB Cylon Aspect 3.08.01 (jsonProxy.php) Unauthenticated Remote SSH Service Control

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The jsonProxy.php endpoint on the ABB BMS/BAS controller is vulnerabl...

5.8AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2024/10/30 12:0 a.m.407 views

ABB Cylon Aspect 3.08.01 (jsonProxy.php) Information Disclosure

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The jsonProxy.php endpoint on the ABB BMS/BAS controller is vulnerabl...

5.8AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2024/10/30 12:0 a.m.266 views

ABB Cylon Aspect 3.08.01 (jsonProxy.php) Username Enumeration

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The jsonProxy.php endpoint on the ABB BMS/BAS controller is vulnerabl...

5.8AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2024/10/30 12:0 a.m.289 views

ABB Cylon Aspect 3.08.01 (jsonProxy.php) Unauthenticated Credentials Disclosure

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The ABB BMS/BAS controller allows an unauthenticated attacker to...

5.8AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2024/10/30 12:0 a.m.265 views

ABB Cylon Aspect 3.08.01 (jsonProxy.php) Unauthenticated Project Download

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The jsonProxy.php endpoint on the ABB BMS/BAS controller is vulnerabl...

5.8AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2024/10/28 12:0 a.m.259 views

ABB Cylon Aspect 3.08.01 (auth/) Active Debug Code Vulnerability

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The ABB BMS/BAS controller is deployed to unauthorized actors with...

5.9AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2024/10/28 12:0 a.m.238 views

ABB Cylon Aspect 3.08.01 (getApplicationNamesJS.php) Building/Project Name Exposure

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The building management system suffers from an unauthenticated...

5.8AI score
Exploits0
Total number of security vulnerabilities1109