Every CVE whose affected-product data names Kevinlab 4st L-bems, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2021-37291 — CVSS 9.8 (critical): An SQL Injection vulnerability exists in KevinLAB Inc Building Energy Management System 4ST BEMS 1.0.0 ivia the input_id POST parameter in…
CVE-2021-37292 — CVSS 7.2 (high): An Access Control vulnerability exists in KevinLAB Inc Building Energy Management System 4ST BEMS 1.0.0 due to an undocumented backdoor…
CVE-2021-37293 — CVSS 6.5 (medium): A Directory Traversal vulnerability exists in KevinLAB Inc Building Energy Management System 4ST BEMS 1.0.0 via the page GET parameter in…