Vendor
KevinLAB Inc
Products
2
CVEs
3
Across products
5
Status
Private
Products
2- 3 CVEs
- 2 CVEs
Recent CVEs
3| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-37291 | Cri | 0.64 | 9.8 | 0.08 | Apr 11, 2022 | An SQL Injection vulnerability exists in KevinLAB Inc Building Energy Management System 4ST BEMS 1.0.0 ivia the input_id POST parameter in index.php. | ||
| CVE-2021-37292 | Hig | 0.47 | 7.2 | 0.07 | Apr 11, 2022 | An Access Control vulnerability exists in KevinLAB Inc Building Energy Management System 4ST BEMS 1.0.0 due to an undocumented backdoor account. A malicious user can log in using the backdor account with admin highest privileges and obtain system control. | ||
| CVE-2021-37293 | Med | 0.42 | 6.5 | 0.01 | Apr 11, 2022 | A Directory Traversal vulnerability exists in KevinLAB Inc Building Energy Management System 4ST BEMS 1.0.0 via the page GET parameter in index.php. |
- risk 0.64cvss 9.8epss 0.08
An SQL Injection vulnerability exists in KevinLAB Inc Building Energy Management System 4ST BEMS 1.0.0 ivia the input_id POST parameter in index.php.
- risk 0.47cvss 7.2epss 0.07
An Access Control vulnerability exists in KevinLAB Inc Building Energy Management System 4ST BEMS 1.0.0 due to an undocumented backdoor account. A malicious user can log in using the backdor account with admin highest privileges and obtain system control.
- risk 0.42cvss 6.5epss 0.01
A Directory Traversal vulnerability exists in KevinLAB Inc Building Energy Management System 4ST BEMS 1.0.0 via the page GET parameter in index.php.