Skip to main content

Notifier Webserver

2 CVEs product

Monthly

CVE-2020-6974 CRITICAL Act Now

Honeywell Notifier Web Server (NWS) Version 3.50 is vulnerable to a path traversal attack, which allows an attacker to bypass access to restricted directories. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Honeywell Path Traversal Notifier Webserver
NVD
CVSS 3.1
9.8
EPSS
1.9%
CVE-2020-6972 CRITICAL Act Now

In Notifier Web Server (NWS) Version 3.50 and earlier, the Honeywell Fire Web Server’s authentication may be bypassed by a capture-replay attack from a web browser. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Honeywell Authentication Bypass Notifier Webserver
NVD
CVSS 3.1
9.1
EPSS
1.3%
EPSS 2% CVSS 9.8
CRITICAL Act Now

Honeywell Notifier Web Server (NWS) Version 3.50 is vulnerable to a path traversal attack, which allows an attacker to bypass access to restricted directories. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Honeywell Path Traversal Notifier Webserver
NVD
EPSS 1% CVSS 9.1
CRITICAL Act Now

In Notifier Web Server (NWS) Version 3.50 and earlier, the Honeywell Fire Web Server’s authentication may be bypassed by a capture-replay attack from a web browser. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Honeywell Authentication Bypass Notifier Webserver
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy