MidnightBSD

Advisories for kmc_controls

CVE-2016-4494 MEDIUM

Cross-site request forgery (CSRF) vulnerability on KMC Controls BAC-5051E devices with firmware before E0.2.0.2 allows remote attackers to hijack the authentication of unspecified victims for requests that disclose the contents of a configuration file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
kmc_controls bac-5051e_firmware *
CVE-2016-4495 MEDIUM

KMC Controls BAC-5051E devices with firmware before E0.2.0.2 allow remote attackers to bypass intended access restrictions and read a configuration file via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-284,CWE-310,

Products Affected

Vendor Product Version
kmc_controls bac-5051e_firmware -