HomePentest-Tools.com Logo

Climatix BACnet/IP Communication Module Multiple Vulnerabilities CVE-2015-4174

Severity
Not available
CVSSv3 Score
Not available
Vulnerability description

Climatix BACnet/IP Communication Module is prone to multiple vulnerabilities.

Risk description

Multiple flaws are due to: - The application does not validate input to the dumpfile.dll before returning it to users. - The application allow unrestricted upload of files Successful exploitation will allow attacker to execute arbitrary HTML and script code in the context of an affected site.

Recommendation

Upgrade to version 10.34 or above. details are available.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Jun 28, 2015
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available