cvedb.io
CVE-2015-7907
HIGH · CVSS 8.6
EPSS exploitation probability: 0%
Published 2015-12-21T11:59:09.190 · Last modified 2026-06-17T00:33:22.170

Summary

Directory traversal vulnerability in the web server on Honeywell Midas gas detectors before 1.13b3 and Midas Black gas detectors before 2.13b3 allows remote attackers to bypass authentication, and write to a configuration file or trigger a calibration or test, via unspecified vectors.

Affected products

honeywell — midas_black_firmware

Does this affect you?

Add your gear to cvedb and we'll alert you only when honeywell ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.