In Notifier Web Server (NWS) Version 3.50 and earlier, the Honeywell Fire Web Serverβs authentication may be bypassed by a capture-replay attack from a web browser.
9.1CVSS
9.2AI Score
0.002EPSS
Honeywell Notifier Web Server (NWS) Version 3.50 is vulnerable to a path traversal attack, which allows an attacker to bypass access to restricted directories. Honeywell has released a firmware update to address the problem.
9.8CVSS
9.3AI Score
0.004EPSS