Command Injection Vulnerability in Lynxspring JENEsys BAS Bridge

Command Injection Vulnerability in Lynxspring JENEsys BAS Bridge

CVE-2016-8357 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:N

An issue was discovered in Lynxspring JENEsys BAS Bridge versions 1.1.8 and older. A user with read-only access can send commands to the software and the application will accept those commands. This would allow an attacker with read-only access to make changes within the application.

Learn more about our User Device Pen Test.