PT-2019-9657 · Columbia Weather · Columbia Weather Microserver
John Elder
+1
·
Publicado
2019-06-18
·
Atualizado
2019-06-18
·
CVE-2018-18878
CVSS v2.0
7.8
Alta
| Vetor | AV:N/AC:L/Au:N/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
Columbia Weather MicroServer version MS 2.6.9900
Description
The issue arises from the BACnet daemon's failure to properly validate input. This could allow a remote attacker to send specially crafted packets, potentially causing the device to become unavailable.
Recommendations
For version MS 2.6.9900, consider disabling the BACnet daemon until a patch is available to prevent potential exploitation.
Correção
RCE
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Columbia Weather Microserver