An issue exists on KONE Group Controller (KGC) devices prior to 4.6.5. Unauthenticated Local File Inclusion and File modification is possible through the open HTTP interface by modifying the name parameter of the file endpoint, aka KONE-02.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
kone group_controller_firmware |