Security
Headlines
HeadlinesLatestCVEs

Tag

#php

ABB Cylon Aspect 3.08.01 (jsonProxy.php) Information Disclosure

The jsonProxy.php endpoint on the ABB BMS/BAS controller is vulnerable to unauthorized information disclosure. An unauthenticated attacker can retrieve sensitive system information, including system time, uptime, memory usage, and network load statistics. The jsonProxy.php endpoint proxies these requests to internal services without requiring authentication, allowing attackers to obtain detailed system status data, which could aid in further attacks by revealing operational characteristics and resource utilization.

Zero Science Lab
Open in Source
#js#php#auth
ABB Cylon Aspect 3.08.01 (jsonProxy.php) Unauthenticated Remote SSH Service Control

The jsonProxy.php endpoint on the ABB BMS/BAS controller is vulnerable to unauthorized SSH service configuration changes. An unauthenticated attacker can enable or disable the SSH service on the server by accessing the FTControlServlet with the sshenable parameter. The jsonProxy.php script proxies requests to localhost without enforcing authentication, allowing attackers to modify SSH settings and potentially gain further unauthorized access to the system.

ABB Cylon Aspect 3.08.01 (jsonProxy.php) Username Enumeration

The jsonProxy.php endpoint on the ABB BMS/BAS controller is vulnerable to username enumeration. An unauthenticated attacker can interact with the UserManager servlet to enumerate valid usernames on the system. Since jsonProxy.php proxies requests to internal services without requiring authentication, attackers can gain unauthorized insights into valid usernames.

ABB Cylon Aspect 3.08.01 (jsonProxy.php) Unauthenticated Credentials Disclosure

The ABB BMS/BAS controller allows an unauthenticated attacker to disclose credentials in plain-text.

ABB Cylon Aspect 3.08.01 Active Debug Data Exposure

ABB Cylon Aspect version 3.08.01 is deployed to unauthorized actors with debugging code still enabled or active, which can create unintended entry points or expose sensitive information.

Booked Scheduler 2.8.5 Cross Site Scripting / Open Redirection

Booked Scheduler version 2.8.5 suffers from cross site scripting and open redirection vulnerabilities.

UP-RESULT PRO 1.0 SQL Injection

UP-RESULT PRO version 1.0 suffers from a remote SQL injection vulnerability.

ABB Cylon Aspect 3.08.01 getApplicationNamesJS.php Building/Project Name Exposure

ABB Cylon Aspect version 3.08.01 suffers from an unauthenticated building/project name exposure vulnerability.

Russian Espionage Group Targets Ukrainian Military with Malware via Telegram

A suspected Russian hybrid espionage and influence operation has been observed delivering a mix of Windows and Android malware to target the Ukrainian military under the Telegram persona Civil Defense. Google's Threat Analysis Group (TAG) and Mandiant are tracking the activity under the name UNC5812. The threat group, which operates a Telegram channel named civildefense_com_ua, was created on

ABB Cylon Aspect 3.08.01 (getApplicationNamesJS.php) Building/Project Name Exposure

The building management system suffers from an unauthenticated building/project name exposure.