
ABB Cylon Aspect 3.08.01 (jsonProxy.php) Denial of Service

The jsonProxy.php endpoint on the ABB BMS/BAS controller is vulnerable to an unauthenticated Denial of Service (DoS) attack. An attacker can remotely restart the main Java server by accessing the FTControlServlet with the restart parameter. The endpoint proxies requests to localhost without requiring authentication, enabling attackers to disrupt system availability by repeatedly triggering server restarts.

Zero Science Lab
