Skip to main content

Computrols Building Automation Software

9 CVEs product

Monthly

CVE-2019-10848 MEDIUM POC This Month

Computrols CBAS 18.0.0 allows Username Enumeration. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Computrols Building Automation Software
NVD Exploit-DB
CVSS 3.0
5.3
EPSS
8.5%
CVE-2019-10847 HIGH POC This Week

Computrols CBAS 18.0.0 allows Cross-Site Request Forgery. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Computrols Building Automation Software
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
2.4%
CVE-2019-10850 CRITICAL Act Now

Computrols CBAS 18.0.0 has Default Credentials. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Computrols Building Automation Software
NVD
CVSS 3.0
9.8
EPSS
1.9%
CVE-2019-10849 HIGH POC This Week

Computrols CBAS 18.0.0 allows unprotected Subversion (SVN) directory / source code disclosure. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Computrols Building Automation Software
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
9.0%
CVE-2019-10855 HIGH This Week

Computrols CBAS 18.0.0 mishandles password hashes. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Computrols Building Automation Software
NVD
CVSS 3.0
7.5
EPSS
1.0%
CVE-2019-10854 HIGH This Week

Computrols CBAS 18.0.0 allows Authenticated Command Injection. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Computrols Building Automation Software
NVD
CVSS 3.0
8.8
EPSS
3.0%
CVE-2019-10853 HIGH This Week

Computrols CBAS 18.0.0 allows Authentication Bypass. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Computrols Building Automation Software
NVD
CVSS 3.0
8.1
EPSS
1.7%
CVE-2019-10852 HIGH This Week

Computrols CBAS 18.0.0 allows Authenticated Blind SQL Injection via the id GET parameter, as demonstrated by the index.php?m=servers&a=start_pulling&id= substring. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi PHP Computrols Building Automation Software
NVD
CVSS 3.0
8.8
EPSS
1.8%
CVE-2019-10851 MEDIUM This Month

Computrols CBAS 18.0.0 has hard-coded encryption keys. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Computrols Building Automation Software
NVD
CVSS 3.0
6.5
EPSS
0.7%
EPSS 8% CVSS 5.3
MEDIUM POC This Month

Computrols CBAS 18.0.0 allows Username Enumeration. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Computrols Building Automation Software
NVD Exploit-DB
EPSS 2% CVSS 8.8
HIGH POC This Week

Computrols CBAS 18.0.0 allows Cross-Site Request Forgery. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Computrols Building Automation Software
NVD Exploit-DB
EPSS 2% CVSS 9.8
CRITICAL Act Now

Computrols CBAS 18.0.0 has Default Credentials. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Computrols Building Automation Software
NVD
EPSS 9% CVSS 7.5
HIGH POC This Week

Computrols CBAS 18.0.0 allows unprotected Subversion (SVN) directory / source code disclosure. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Computrols Building Automation Software
NVD Exploit-DB
EPSS 1% CVSS 7.5
HIGH This Week

Computrols CBAS 18.0.0 mishandles password hashes. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Computrols Building Automation Software
NVD
EPSS 3% CVSS 8.8
HIGH This Week

Computrols CBAS 18.0.0 allows Authenticated Command Injection. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Computrols Building Automation Software
NVD
EPSS 2% CVSS 8.1
HIGH This Week

Computrols CBAS 18.0.0 allows Authentication Bypass. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Computrols Building Automation Software
NVD
EPSS 2% CVSS 8.8
HIGH This Week

Computrols CBAS 18.0.0 allows Authenticated Blind SQL Injection via the id GET parameter, as demonstrated by the index.php?m=servers&a=start_pulling&id= substring. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi PHP Computrols Building Automation Software
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

Computrols CBAS 18.0.0 has hard-coded encryption keys. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Computrols Building Automation Software
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy