KONE Group Controller (KGC) Devices Unauthenticated Remote Code Execution Vulnerability

KONE Group Controller (KGC) Devices Unauthenticated Remote Code Execution Vulnerability

CVE-2018-15484 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

An issue was discovered on KONE Group Controller (KGC) devices before 4.6.5. Unauthenticated Remote Code Execution is possible through the open HTTP interface by modifying autoexec.bat, aka KONE-01.

Learn more about our Web Application Penetration Testing UK.