C-Bus Toolkit
CVEs (10)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-5399 | 0.02 | — | 0.39 | Oct 4, 2023 | A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could cause tampering of files on the personal computer running C-Bus when using the File Command. | |||
| CVE-2021-22720 | 0.01 | — | 0.31 | Apr 13, 2021 | A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in C-Bus Toolkit (V1.15.7 and prior) that could allow a remote code execution when restoring a project. | |||
| CVE-2021-22719 | 0.01 | — | 0.41 | Apr 13, 2021 | A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in C-Bus Toolkit (V1.15.7 and prior) that could allow a remote code execution when a file is uploaded. | |||
| CVE-2021-22718 | 0.01 | — | 0.27 | Apr 13, 2021 | A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in C-Bus Toolkit (V1.15.7 and prior) that could allow a remote code execution when restoring project files. | |||
| CVE-2021-22717 | 0.01 | — | 0.39 | Apr 13, 2021 | A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in C-Bus Toolkit (V1.15.7 and prior) that could allow a remote code execution when processing config files. | |||
| CVE-2023-5402 | 0.00 | — | 0.01 | Oct 4, 2023 | A CWE-269: Improper Privilege Management vulnerability exists that could cause a remote code execution when the transfer command is used over the network. | |||
| CVE-2021-22796 | 0.00 | — | 0.01 | Feb 11, 2022 | A CWE-287: Improper Authentication vulnerability exists that could allow remote code execution when a malicious file is uploaded. Affected Product: C-Bus Toolkit (V1.15.9 and prior), C-Gate Server (V2.11.7 and prior) | |||
| CVE-2021-22748 | 0.00 | — | 0.02 | Feb 11, 2022 | A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could allow a remote code execution when a file is saved. Affected Product: C-Bus Toolkit (V1.15.9 and prior), C-Gate Server (V2.11.7 and prior) | |||
| CVE-2021-22784 | 0.00 | — | 0.12 | Jul 21, 2021 | A CWE-306: Missing Authentication for Critical Function vulnerability exists in C-Bus Toolkit v1.15.8 and prior that could allow an attacker to use a crafted webpage to obtain remote access to the system. | |||
| CVE-2021-22716 | 0.00 | — | 0.01 | Apr 13, 2021 | A CWE-732: Incorrect Permission Assignment for Critical Resource vulnerability exists that could allow remote code execution when an unprivileged user modifies a file. Affected Product: C-Bus Toolkit (V1.15.9 and prior) |
- CVE-2023-5399Oct 4, 2023risk 0.02cvss —epss 0.39
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could cause tampering of files on the personal computer running C-Bus when using the File Command.
- CVE-2021-22720Apr 13, 2021risk 0.01cvss —epss 0.31
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in C-Bus Toolkit (V1.15.7 and prior) that could allow a remote code execution when restoring a project.
- CVE-2021-22719Apr 13, 2021risk 0.01cvss —epss 0.41
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in C-Bus Toolkit (V1.15.7 and prior) that could allow a remote code execution when a file is uploaded.
- CVE-2021-22718Apr 13, 2021risk 0.01cvss —epss 0.27
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in C-Bus Toolkit (V1.15.7 and prior) that could allow a remote code execution when restoring project files.
- CVE-2021-22717Apr 13, 2021risk 0.01cvss —epss 0.39
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in C-Bus Toolkit (V1.15.7 and prior) that could allow a remote code execution when processing config files.
- CVE-2023-5402Oct 4, 2023risk 0.00cvss —epss 0.01
A CWE-269: Improper Privilege Management vulnerability exists that could cause a remote code execution when the transfer command is used over the network.
- CVE-2021-22796Feb 11, 2022risk 0.00cvss —epss 0.01
A CWE-287: Improper Authentication vulnerability exists that could allow remote code execution when a malicious file is uploaded. Affected Product: C-Bus Toolkit (V1.15.9 and prior), C-Gate Server (V2.11.7 and prior)
- CVE-2021-22748Feb 11, 2022risk 0.00cvss —epss 0.02
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could allow a remote code execution when a file is saved. Affected Product: C-Bus Toolkit (V1.15.9 and prior), C-Gate Server (V2.11.7 and prior)
- CVE-2021-22784Jul 21, 2021risk 0.00cvss —epss 0.12
A CWE-306: Missing Authentication for Critical Function vulnerability exists in C-Bus Toolkit v1.15.8 and prior that could allow an attacker to use a crafted webpage to obtain remote access to the system.
- CVE-2021-22716Apr 13, 2021risk 0.00cvss —epss 0.01
A CWE-732: Incorrect Permission Assignment for Critical Resource vulnerability exists that could allow remote code execution when an unprivileged user modifies a file. Affected Product: C-Bus Toolkit (V1.15.9 and prior)