Vulnerabilities > Johnsoncontrols > Entrapass

DATE CVE VULNERABILITY TITLE RISK
2020-03-10 CVE-2019-7589 Improper Input Validation vulnerability in Johnsoncontrols Entrapass 7.60
A vulnerability with the SmartService API Service option exists whereby an unauthorized user could potentially exploit this to upload malicious code to the server that could be executed at system level privileges.
network
low complexity
johnsoncontrols CWE-20
critical
9.8