Computrols Building Automation Software 18.0.0 Remote Code Execution Vulnerability

Summary

Computrols Building Automation Software is prone to a remote code-execution vulnerability. Computrols CBAS 18.0.0 has Default Credentials.

Credit:

The information has been provided by Computrols
The original article can be found at: https://applied-risk.com/labs/advisories


Details

This allows a remote attacker to exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts may result in a denial-of-service condition. 

Vulnerable Systems:

  • Computrols Building Automation Software 18.0.0

CVE Information:

CVE-2019-10850

Disclosure Timeline:
Publish Date:05/23/2019

Categories: News