{"vulnerability": "CVE-2021-41294", "sightings": [{"uuid": "bc37f154-823c-4448-9b59-97808d318108", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41294", "type": "seen", "source": "https://t.me/cibsecurity/29714", "content": "\u203c CVE-2021-41294 \u203c\n\nECOA BAS controller suffers from a path traversal vulnerability, causing arbitrary files deletion. Using the specific GET parameter, unauthenticated attackers can remotely delete arbitrary files on the affected device and cause denial of service scenario.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-30T14:38:08.000000Z"}]}