Vulnerabilities (CVE)

Filtered by vendor Honeywell Subscribe
Filtered by product Notifier Webserver
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-6974 1 Honeywell 1 Notifier Webserver 2024-11-21 7.5 HIGH 9.8 CRITICAL
Honeywell Notifier Web Server (NWS) Version 3.50 is vulnerable to a path traversal attack, which allows an attacker to bypass access to restricted directories. Honeywell has released a firmware update to address the problem.
CVE-2020-6972 1 Honeywell 1 Notifier Webserver 2024-11-21 6.4 MEDIUM 9.1 CRITICAL
In Notifier Web Server (NWS) Version 3.50 and earlier, the Honeywell Fire Web Server’s authentication may be bypassed by a capture-replay attack from a web browser.