Security
Headlines
HeadlinesLatestCVEs

Headline

ABB Cylon Aspect 3.08.01 (mapConfigurationDownload.php) Config Download

The ABB BMS/BAS controller suffers from an unauthenticated configuration download vulnerability. This can be exploited to download the SQLite DB that contains the configuration mappings information via the FTControlServlet by directly calling the mapConfigurationDownload.php script.

Zero Science Lab
#sql#vulnerability#php#auth

Zero Science Lab: Latest News

ABB Cylon Aspect 3.08.02 (WatchDogServlet) Authenticated Reflected XSS