Vulnerabilities > Lutron
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-02 | CVE-2018-11682 | Use of Hard-coded Credentials vulnerability in Lutron products Default and unremovable support credentials allow attackers to gain total super user control of an IoT device through a TELNET session to products using the Stanza Lutron integration protocol Revision M to Revision Y. | 9.8 |
| 2018-06-02 | CVE-2018-11681 | Use of Hard-coded Credentials vulnerability in Lutron products Default and unremovable support credentials (user:nwk password:nwk2) allow attackers to gain total super user control of an IoT device through a TELNET session to products using the RadioRA 2 Lutron integration protocol Revision M to Revision Y. | 9.8 |
| 2018-06-02 | CVE-2018-11629 | Use of Hard-coded Credentials vulnerability in Lutron products Default and unremovable support credentials (user:lutron password:integration) allow attackers to gain total super user control of an IoT device through a TELNET session to products using the HomeWorks QS Lutron integration protocol Revision M to Revision Y. | 9.8 |
| 2018-04-23 | CVE-2018-8880 | Information Exposure vulnerability in Lutron Quantum Bacnet Integration Firmware 3.2.243 Lutron Quantum BACnet Integration 2.0 (firmware 3.2.243) doesn't check for correct user authentication before showing the /deviceIP information, which leads to internal network information disclosure. | 7.5 |
| 2018-02-21 | CVE-2018-7276 | Information Exposure vulnerability in Lutron Quantum Bacnet Integration Firmware 3.2.243 An issue was discovered on Lutron Quantum BACnet Integration 2.0 (firmware 3.2.243) devices. | 7.5 |