NuytsTech Security

CVE-2018-15484

by ·

An issue was discovered on KONE Group Controller (KGC) devices before 4.6.5. Unauthenticated Remote Code Execution is possible through the open HTTP interface by modifying autoexec.bat, aka KONE-01.

Date published : 2018-09-07

https://www.kone.com/en/vulnerability.aspx

http://packetstormsecurity.com/files/149252/KONE-KGC-4.6.4-DoS-Code-Execution-LFI-Bypass.html

Tags: