CVE-2022-2474 (haas_controller_firmware)

CVE-2022-2474 (haas_controller_firmware)

Authentication is currently unsupported in Haas Controller version 100.20.000.1110 when using the “Ethernet Q Commands� service, which allows any user on the same network segment as the controller (even while connected remotely) to access the service and write unauthorized macros to the device.Read More