Optergy Proton/Enterprise BMS 2.3.0a Open Redirect

Optergy Proton/Enterprise BMS versions 2.3.0a and below suffer from an open redirect vulnerability.


MD5 | c424e954c9d06c5a17b69f0b43c17749


Open Redirect in Optergy Proton/Enterprise BMS
Firmware version: <=2.3.0a
CVE: CVE-2019-7275
Advisory: https://applied-risk.com/resources/ar-2019-008
Paper: https://applied-risk.com/resources/i-own-your-building-management-system

by Gjoko 'LiquidWorm' Krstic

GET /updating.jsp?url=https://segfault.mk HTTP/1.1

Related Posts