Computrols Computrols Building Automation Software — known CVE vulnerabilities
Every CVE whose affected-product data names Computrols Computrols Building Automation Software, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVE-2019-10852 — CVSS 8.8 (high): Computrols CBAS 18.0.0 allows Authenticated Blind SQL Injection via the id GET parameter, as demonstrated by the index.php?m=servers&a=start…
CVE-2019-10855 — CVSS 7.5 (high): Computrols CBAS 18.0.0 mishandles password hashes. The approach is MD5 with a pw prefix, e.g., if the password is admin, it will calculate…