CVE-2019-6838

CVE-2019-6838

Vendor N/A
Product U.motion Servers (MEG6501-0001 - U.motion KNX server, MEG6501-0002 - U.motion KNX Server Plus, MEG6260-0410 - U.motion KNX Server Plus, Touch 10, and MEG6260-0415 - U.motion KNX Server Plus, Touch 1)
Weakness CWE-863 · Incorrect authorization
Published September 17, 2019
Last update August 4, 2024
View on NVD All CVEs

CVSS base score

What the vulnerability does

01Description

A CWE-863: Incorrect Authorization vulnerability exists in U.motion Server (MEG6501-0001 - U.motion KNX server, MEG6501-0002 - U.motion KNX Server Plus, MEG6260-0410 - U.motion KNX Server Plus, Touch 10, MEG6260-0415 - U.motion KNX Server Plus, Touch 15), which could allow a user with low privileges to delete a critical file.

Key dates

02Disclosure timeline

September 17, 2019 CVE published
August 4, 2024 Record updated

Related vulnerabilities

04Related CVE

CVE-2025-12038 Folderly <= 0.3 - Incorrect Authorization to Authenticated (Author+) Term Deletion CVE-2024-27288 1Panel open source panel project has an unauthorized vulnerability. CVE-2026-4274 Insufficient authorization in shared channel membership sync grants team-level access instead of channel-level access CVE-2025-54263 Adobe Commerce | Incorrect Authorization (CWE-863) CVE-2025-5822 Autel MaxiCharger AC Wallbox Commercial Technician API Incorrect Authorization Privilege Escalation Vulnerability