Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-6974 | 1 Honeywell | 1 Notifier Webserver | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
Honeywell Notifier Web Server (NWS) Version 3.50 is vulnerable to a path traversal attack, which allows an attacker to bypass access to restricted directories. Honeywell has released a firmware update to address the problem. | |||||
CVE-2020-6972 | 1 Honeywell | 1 Notifier Webserver | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
In Notifier Web Server (NWS) Version 3.50 and earlier, the Honeywell Fire Web Server’s authentication may be bypassed by a capture-replay attack from a web browser. |