Vulnerabilities for Quantum bacnet integration firmware (...) - CXSECURITY.COM

Vulnerabilities for
'Quantum bacnet integration firmware'

2018-04-23

CVE-2018-8880

CWE-200

Lutron Quantum BACnet Integration 2.0 (firmware 3.2.243) doesn't check for correct user authentication before showing the /deviceIP information, which leads to internal network information disclosure.

2018-02-20

CVE-2018-7276

CWE-200

An issue was discovered on Lutron Quantum BACnet Integration 2.0 (firmware 3.2.243) devices. Remote attackers can obtain potentially sensitive information via a /DbXmlInfo.xml request, as demonstrated by the Latitude/Longitude of the device.

>>> Vendor: Lutron 4 Products

Quantum bacnet integration firmware

Homeworks qs firmware

Radiora 2 firmware

Stanza firmware

Copyright 2024, cxsecurity.com