>> AUTHOR: deepcore

ECOA building automation systems suffer from a cookie poisoning vulnerability that allows for authentication bypass. Many versions are affected.

ECOA building automation systems suffer from a configuration download information disclosure vulnerability. Many versions are affected.

Backdoor.Win32.Wollf.h malware suffers from a code execution vulnerability.

ECOA building automation systems have hardcoded SSH credentials. Many versions are affected.

ECOA building automation systems suffer from missing encryption of sensitive information. Many versions are affected.

ECOA building automation systems suffer from a remote privilege escalation vulnerability. Many versions are affected.

ECOA building automation systems suffer from authorization bypass and insecure direct object reference vulnerabilities. Many versions are affected.

ECOA building automation systems suffer from a local file disclosure vulnerability. Many versions are affected.

Backdoor.Win32.WinterLove.i malware suffers from a hardcoded credential vulnerability.

ECOA building automation systems suffer from an arbitrary file deletion vulnerability. Many versions are affected.