PT-2018-9477 · Battelle · Battelle V2I Hub

Published: 2018-12-28 · Updated: 2019-10-03 · CVE-2018-1000624

CVSS v2.0: 7.8 (High)

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions: Battelle V2I Hub version 2.5.1

Description: The issue is caused by the failure to restrict access to a sensitive functionality, allowing a remote attacker to shut down the system. This can be exploited by visiting the "http://V2I HUB/UI/powerdown.php" API endpoint.

Recommendations: For Battelle V2I Hub version 2.5.1, restrict access to the powerdown.php functionality to prevent unauthorized shutdowns of the system. Consider implementing proper access controls to sensitive functionalities to mitigate the risk of exploitation.

Fix

Improper Privilege Management

Weakness Enumeration

Related Identifiers

CVE-2018-1000624

Affected Products

Battelle V2I Hub