CVSS: 10.0EPSS: 1%CPEs: 2EXPL: 0CVE-2024-8525 – Automated Logic WebCTRL and Carrier i-Vu Unrestricted File Upload
https://notcve.org/view.php?id=CVE-2024-8525
21 Nov 2024 — An unrestricted upload of file with dangerous type in Automated Logic WebCTRL 7.0 could allow an unauthenticated user to perform remote command execution via a crafted HTTP POST request which could lead to uploading a malicious file. • https://www.corporate.carrier.com/product-security/advisories-resources • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 0CVE-2024-8526 – Automated Logic WebCTRL and Carrier i-Vu Open Redirect
https://notcve.org/view.php?id=CVE-2024-8526
21 Nov 2024 — A vulnerability in Automated Logic WebCTRL 7.0 could allow an attacker to send a maliciously crafted URL, which when visited by an authenticated WebCTRL user, could result in the redirection of the user to a malicious webpage via "index.jsp" A vulnerability in Automated Logic WebCTRL 7.0 could allow an attacker to send a maliciously crafted URL, which when visited by an authenticated WebCTRL user, could result in the redirection of the user to a malicious webpage via "index.jsp" • https://www.corporate.carrier.com/product-security/advisories-resources • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-2422 – LenelS2 NetBox Improper Neutralization of Argumented Delimiters
https://notcve.org/view.php?id=CVE-2024-2422
30 May 2024 — LenelS2 NetBox access control and event monitoring system was discovered to contain an authenticated RCE in versions prior to and including 5.6.1, which allows an attacker to execute malicious commands. Se descubrió que el sistema de monitoreo de eventos y control de acceso LenelS2 NetBox contiene un RCE autenticado en versiones anteriores a la 5.6.1 incluida, lo que permite a un atacante ejecutar comandos maliciosos. • https://www.cisa.gov/news-events/ics-advisories/icsa-24-151-01 • CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-2421 – LenelS2 NetBox Improper Neutralization of Special Elements
https://notcve.org/view.php?id=CVE-2024-2421
30 May 2024 — LenelS2 NetBox access control and event monitoring system was discovered to contain an unauthenticated RCE in versions prior to and including 5.6.1, which allows an attacker to execute malicious commands with elevated permissions. Se descubrió que el sistema de monitoreo de eventos y control de acceso LenelS2 NetBox contenía un RCE no autenticado en versiones anteriores a la 5.6.1 incluida, lo que permite a un atacante ejecutar comandos maliciosos con permisos elevados. • https://www.cisa.gov/news-events/ics-advisories/icsa-24-151-01 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 3CVE-2024-2420 – LenelS2 NetBox Hardcoded Credentials
https://notcve.org/view.php?id=CVE-2024-2420
30 May 2024 — LenelS2 NetBox access control and event monitoring system was discovered to contain Hardcoded Credentials in versions prior to and including 5.6.1 which allows an attacker to bypass authentication requirements. Se descubrió que el sistema de control de acceso y monitoreo de eventos LenelS2 NetBox contiene credenciales codificadas en versiones anteriores a la 5.6.1 incluida, lo que permite a un atacante eludir los requisitos de autenticación. LenelS2 NetBox access control and event monitoring system was disc... • https://github.com/l00neyhacker/CVE-2024-24204 • CWE-259: Use of Hard-coded Password •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-36483 – MAS (a Carrier brand) MASmobile Classic Authorization Bypass
https://notcve.org/view.php?id=CVE-2023-36483
16 Mar 2024 — Authorization bypass can be achieved by session ID prediction in MASmobile Classic Android version 1.16.18 and earlier and MASmobile Classic iOS version 1.7.24 and earlier which allows remote attackers to retrieve sensitive data including customer data, security system status, and event history. Se descubrió una omisión de autorización en la aplicación Carrier MASmobile Classic hasta la versión 1.16.18 para Android, la aplicación MASmobile Classic hasta la 1.7.24 para iOS y los servicios MAS ASP.Net hasta l... • https://www.corporate.carrier.com/product-security/advisories-resources • CWE-639: Authorization Bypass Through User-Controlled Key •
CVSS: 9.0EPSS: 0%CPEs: 28EXPL: 0CVE-2022-31486 – Command injection via Advanced Networking route add functionality
https://notcve.org/view.php?id=CVE-2022-31486
06 Jun 2022 — An authenticated attacker can send a specially crafted route to the “edit_route.cgi” binary and have it execute shell commands. This vulnerability impacts products based on HID Mercury Intelligent Controllers LP1501, LP1502, LP2500, LP4502, and EP4502 which contain firmware versions prior to 1.303 for the LP series and 1.297 for the EP series. An attacker with this level of access on the device can monitor all communications sent to and from this device, modify onboard relays, change configuration files, or... • https://www.corporate.carrier.com/product-security/advisories-resources • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 5.3EPSS: 0%CPEs: 28EXPL: 0CVE-2022-31485 – Unauthenticated homepage note modification
https://notcve.org/view.php?id=CVE-2022-31485
06 Jun 2022 — An unauthenticated attacker can send a specially crafted packets to update the “notes” section of the home page of the web interface. This vulnerability impacts products based on HID Mercury Intelligent Controllers LP1501, LP1502, LP2500, LP4502, and EP4502 which contain firmware versions prior to 1.29. Un atacante no autenticado puede enviar un paquete especialmente diseñado para actualizar la sección "notes" de la página de inicio de la interfaz web. Esta vulnerabilidad afecta a los productos basados en l... • https://www.corporate.carrier.com/product-security/advisories-resources • CWE-425: Direct Request ('Forced Browsing') •
CVSS: 7.5EPSS: 0%CPEs: 28EXPL: 0CVE-2022-31484 – User Account Deletion Unauthenticated
https://notcve.org/view.php?id=CVE-2022-31484
06 Jun 2022 — An unauthenticated attacker can send a specially crafted network packet to delete a user from the web interface. This vulnerability impacts products based on HID Mercury Intelligent Controllers LP1501, LP1502, LP2500, LP4502, and EP4502 which contain firmware versions prior to 1.29. The impact of this vulnerability is that an unauthenticated attacker could restrict access to the web interface to legitimate users and potentially requiring them to use the default user dip switch procedure to gain access back.... • https://www.corporate.carrier.com/product-security/advisories-resources • CWE-425: Direct Request ('Forced Browsing') •
CVSS: 9.1EPSS: 0%CPEs: 28EXPL: 0CVE-2022-31483 – Arbitrary file write via authenticated OSDP file upload
https://notcve.org/view.php?id=CVE-2022-31483
06 Jun 2022 — An authenticated attacker can upload a file with a filename including “..” and “/” to achieve the ability to upload the desired file anywhere on the filesystem. This vulnerability impacts products based on HID Mercury Intelligent Controllers LP1501, LP1502, LP2500, LP4502, and EP4502 which contain firmware versions prior to 1.271. This allows a malicious actor to overwrite sensitive system files and install a startup service to gain remote access to the underlaying Linux operating system with root privilege... • https://www.corporate.carrier.com/product-security/advisories-resources • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •