CNNVD-202511-1351 Information

CNNVD ID

CNNVD-202511-1351

Related CVE

CVE-2023-7329

• CNNVD Published: 2025-11-12

Description (Chinese)

Tinycontrol LAN Controller是波兰Tinycontrol公司的一个楼宇自动化控制器。 Tinycontrol LAN Controller v3 1.58a及之前版本存在安全漏洞，该漏洞源于stm.cgi端点缺少身份验证，可能导致拒绝服务和配置丢失。

Description (English)

Tinycontrol LAN Contractor is a building automation controller of the Polish company Tinycontrol. There is a security loophole in Tinycontrol LAN Contractor v3.58a and earlier versions, which stems from the lack of identification at the stm.cgi endpoint, which may lead to the loss of services and configurations.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

Tinycontrol

Published

2025-11-12

Last Modified

2026-02-24

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/275810 https://www.exploit-db.com/exploits/51730 https://packetstormsecurity.com/files/174455/ https://www.zeroscience.mk/en/vulnerabilities/ZSL-2023-5785.php https://www.vulncheck.com/advisories/tinycontrol-lan-controller-v3-remote-dos https://tinycontrol.pl/en/archives/lan-controller-35/ https://access.redhat.com/security/cve/cve-2023-7329