Vulnerabilities > Envirosys

DATE CVE VULNERABILITY TITLE RISK
2016-05-31 CVE-2016-4502 Improper Access Control vulnerability in Envirosys ESC 8832 Data Controller 3.02
Environmental Systems Corporation (ESC) 8832 Data Controller 3.02 and earlier allows remote attackers to bypass intended access restrictions and execute arbitrary functions via a modified parameter.
network
low complexity
envirosys CWE-284
7.5
2016-05-31 CVE-2016-4501 Improper Access Control vulnerability in Envirosys ESC 8832 Data Controller 3.02
Environmental Systems Corporation (ESC) 8832 Data Controller 3.02 and earlier mishandles sessions, which allows remote attackers to bypass authentication and make arbitrary configuration changes via unspecified vectors.
network
low complexity
envirosys CWE-284
critical
9.1