Group Controller Firmware Security Vulnerabilities and Issues — Group Controller Firmware CVE List

Lucene search

KoneGroup Controller Firmware

4 matches found

CVE•added 2018/09/07 10:29 p.m.•36 views

CVE-2018-15484

An issue was discovered on KONE Group Controller (KGC) devices before 4.6.5. Unauthenticated Remote Code Execution is possible through the open HTTP interface by modifying autoexec.bat, aka KONE-01.

10CVSS9.6AI score0.08325EPSS

CVE•added 2018/09/07 10:29 p.m.•35 views

CVE-2018-15485

An issue was discovered on KONE Group Controller (KGC) devices before 4.6.5. FTP does not require authentication or authorization, aka KONE-03.

9.1CVSS9.3AI score0.01131EPSS

CVE•added 2018/09/07 10:29 p.m.•34 views

CVE-2018-15483

An issue was discovered on KONE Group Controller (KGC) devices before 4.6.5. Denial of Service can occur through the open HTTP interface, aka KONE-04.

7.8CVSS7.5AI score0.00353EPSS

CVE•added 2018/09/07 10:29 p.m.•34 views

CVE-2018-15486

An issue was discovered on KONE Group Controller (KGC) devices before 4.6.5. Unauthenticated Local File Inclusion and File modification is possible through the open HTTP interface by modifying the name parameter of the file endpoint, aka KONE-02.

9.1CVSS9.2AI score0.00275EPSS