Remote Kiln Control Security Vulnerabilities and Issues — Remote Kiln Control CVE List

Lucene search

BlaauwproductsRemote Kiln Control

4 matches found

CVE•added 2020/05/07 2:15 p.m.•33 views

CVE-2019-18864

/server-info and /server-status in Blaauw Remote Kiln Control through v3.00r4 allow an unauthenticated attacker to gain sensitive information about the host machine.

7.5CVSS7.6AI score0.00782EPSS

CVE•added 2020/05/07 1:15 p.m.•33 views

CVE-2019-18867

Browsable directories in Blaauw Remote Kiln Control through v3.00r4 allow an attacker to enumerate sensitive filenames and locations, including source code. This affects /ajax/, /common/, /engine/, /flash/, /images/, /Images/, /jscripts/, /lang/, /layout/, /programs/, and /sms/.

7.5CVSS7.5AI score0.00316EPSS

CVE•added 2020/05/07 2:15 p.m.•28 views

CVE-2019-18866

Unauthenticated SQL injection via the username in the login mechanism in Blaauw Remote Kiln Control through v3.00r4 allows a user to extract arbitrary data from the rkc database.

7.5CVSS7.9AI score0.00397EPSS

CVE•added 2020/05/07 2:15 p.m.•27 views

CVE-2019-18872

Weak password requirements in Blaauw Remote Kiln Control through v3.00r4 allow a user to set short or guessable passwords (e.g., 1 or 1234).

7.5CVSS7.6AI score0.00206EPSS