Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5
CVSSv2

CVE-2018-8880

Published: 23/04/2018 Updated: 25/05/2018
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 505
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Subscribe to Lutron

Vulnerability Summary

Lutron Quantum BACnet Integration 2.0 (firmware 3.2.243) doesn't check for correct user authentication before showing the /deviceIP information, which leads to internal network information disclosure.

Vulnerable Product Search on Vulmon Subscribe to Product

lutron quantum_bacnet_integration_firmware 3.2.243

Exploits

Exploit DB: Lutron Quantum 2.0 - 3.2.243 - Information Disclosure
''' # Exploit Title: Login bypass and data leak - Lutron Quantum 20 - 32243 firmware # Date: 20-03-2018 # Exploit Author: David Castro # Contact: twittercom/SadFud75 # Vendor Homepage: wwwlutroncom # Software Link: wwwlutroncom/en-US/Products/Pages/WholeBuildingSystems/Quantum/Overviewaspx # Version: Lutron Quantum 2 ...
Exploit DB: Lutron Quantum 3.2.243 Information Disclosure
Lutron Quantum versions 20 through 32243 suffer from an information disclosure vulnerability ...

References

CWE-200https://www.exploit-db.com/exploits/44488/http://sadfud.me/explotos/deviceip.txthttps://nvd.nist.govhttps://www.exploit-db.com/exploits/44488/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
deserializationCVE-2024-4040cross-site scriptingCVE-2023-25790CVE-2024-2961XML external entityCVE-2024-26926CVE-2024-32806CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook