A CWE-306: Missing Authentication for Critical Function vulnerability exists in C-Bus Toolkit v1.15.8 and prior that could allow an attacker to use a crafted webpage to obtain remote access to the system.
https://www.tenable.com/security/research/tra-2021-50
Source: Mitre, NVD
Published: 2021-07-21
Base Score: 3.5
Vector: CVSS2#AV:N/AC:M/Au:S/C:N/I:P/A:N
Severity: Low
Base Score: 5.7
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N
Severity: Medium