Akuvox Smart Intercom/Doorphone Unauthenticated Stream Disclosure

Deep Sea Electronics DSE855 Remote Authentication Bypass

Aquatronica Control System 5.1.6 Passwords Leak Vulnerability

Elber Wayber Analog/Digital Audio STL 4.00 Device Config

Elber Wayber Analog/Digital Audio STL 4.00 Authentication Bypass

The BAS controller has hidden backdoors in several binaries that serve the web application. Any unauthenticated attacker can download all the resources and binaries/services that serve the controller and search for the 'backdoor()' function in httpser.elf as well as discover hidden credentials for backdoor access with full functionality of the Smart Home, Access Control and Building Automation System solutions.

Headline

ECOA Building Automation System Hidden Backdoor Accounts and backdoor() Function

Zero Science Lab: Latest News