Vulnerabilidades em CS Technologies Australia
9 resultadosCVE-2024-29844CRITICALDefault credentials on web interface of Evolution Controller Versions allows attackers to login and perform administrative functionsEPSS 0.6%CVE-2024-29836CRITICALBroken Authentication on USER_CHANGE in Evolution Controller allows unauthenticated account creation and takeoverEPSS 0.6%CVE-2024-29838HIGHUnsanitised variable on DAL_ADD in Evolution Controller causes application level denial of service and crashEPSS 0.5%CVE-2024-29837HIGHPoor session management in Evolution Controller allows administrator functionality for unauthenticated connectionsEPSS 0.5%CVE-2024-29842HIGHBroken Access control on DESKTOP_EDIT_USER_GET_ABACARD_FIELDS in Evolution Controller allows unauthenticated attackers to retrieve ABACARD values EPSS 0.5%CVE-2024-29839HIGHBroken Access control on DESKTOP_EDIT_USER_GET_CARD in Evolution Controller allows unauthenticated attackers to retrieve card data values.EPSS 0.5%CVE-2024-29840HIGHBroken Access control on DESKTOP_EDIT_USER_GET_PIN_FIELDS in Evolution Controller allows unauthenticated attackers to retrieve PIN field valuesEPSS 0.5%CVE-2024-29843HIGHBroken Access control on MOBILE_GET_USERS_LIST in Evolution Controller allows unauthenticated user enumerationEPSS 0.5%CVE-2024-29841HIGHBroken Access control on DESKTOP_EDIT_USER_GET_KEYS_FIELDS in Evolution Controller allows unauthenticated attackers to retrieve keys values EPSS 0.5%