An issue was discovered in Lynxspring JENEsys BAS Bridge versions 1.1.8 and older. A user with read-only access can send commands to the software and the application will accept those commands. This would allow an attacker with read-only access to make changes within the application.
[
{
"product": "Lynxspring JENEsys BAS Bridge 1.1.8 and older",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Lynxspring JENEsys BAS Bridge 1.1.8 and older"
}
]
}
]