Skip to main content

Xl1050 Firmware

1 CVEs product

Monthly

CVE-2023-4212 MEDIUM This Month

​A command injection vulnerability exists in Trane XL824, XL850, XL1050, and Pivot thermostats allowing an attacker to execute arbitrary commands as root using a specially crafted filename. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Command Injection Xl824 Firmware Xl850 Firmware Xl1050 Firmware Pivot Firmware
NVD
CVSS 3.1
6.8
EPSS
1.2%
EPSS 1% CVSS 6.8
MEDIUM This Month

​A command injection vulnerability exists in Trane XL824, XL850, XL1050, and Pivot thermostats allowing an attacker to execute arbitrary commands as root using a specially crafted filename. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Command Injection Xl824 Firmware Xl850 Firmware +2
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy