GCVE - cpe:2.3:h:lutron:quantum_bacnet_integration:2.0:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:h:lutron:quantum_bacnet_integration:2.0:*:*:*:*:*:*:*

part: h version: 2.0 update: *

Vendor	Lutron (`a8b22abf-be36-5d37-b592-4e308f5b4c71`)
Product	Quantum Bacnet Integration (`baaef5ef-5936-5438-85d3-0d9a4fc66bb1`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2018-8880`	not_vulnerable	2026-06-08 05:12:06.637772	Details available Lutron Quantum BACnet Integration 2.0 (firmware 3.2.243) doesn't check for correct user authentication before showing the /deviceIP information, which leads to internal network information disclosure. Published: 2018-04-23T18:00:00.000Z Updated: 2024-08-05T07:10:46.957Z Open on db.gcve.eu Reference links http://sadfud.me/explotos/deviceip.txt https://www.exploit-db.com/exploits/44488/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2018-7276`	not_vulnerable	2026-06-08 05:12:03.548796	Details available An issue was discovered on Lutron Quantum BACnet Integration 2.0 (firmware 3.2.243) devices. Remote attackers can obtain potentially sensitive information via a /DbXmlInfo.xml request, as demonstrated by the Latitude/Longitude of the device. Published: 2018-02-21T01:00:00.000Z Updated: 2024-09-16T18:34:47.051Z Open on db.gcve.eu Reference links http://misteralfa-hack.blogspot.com/2018/02/bacnet-entrando-en-materia.html	Imported from gcve-enriched-dumps CVE data

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.