Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

ECOA — Vulnerabilities & Security Advisories 13

Browse all 13 CVE security advisories affecting ECOA. AI-powered Chinese analysis, POCs, and references for each vulnerability.

ECOA serves as an enterprise cloud orchestration platform automating infrastructure deployment and management. Historically, it has been susceptible to multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues, accounting for its 13 recorded CVEs. The platform's complex API integrations and extensive permission models have frequently introduced security gaps. While no major public incidents have been widely documented, the consistent pattern of vulnerabilities across multiple versions suggests potential risks in environments where patching is delayed. Its broad administrative access and deep system integration make proper hardening and timely updates critical for maintaining secure operations.

Top products by ECOA: ECS Router Controller ECS (FLASH)
CVE IDTitleCVSSSeverityPublished
CVE-2021-41302 ECOA BAS controller - Missing Encryption of Sensitive Data — ECS Router Controller ECS (FLASH)CWE-311 7.3 High2021-09-30
CVE-2021-41301 ECOA BAS controller - Exposure of Sensitive Information to an Unauthorized Actor — ECS Router Controller ECS (FLASH)CWE-200 9.8 Critical2021-09-30
CVE-2021-41300 ECOA BAS controller - Insufficiently Protected Credentials-2 — ECS Router Controller ECS (FLASH)CWE-522 9.8 Critical2021-09-30
CVE-2021-41299 ECOA BAS controller - Use of Hard-coded Credentials — ECS Router Controller ECS (FLASH)CWE-798 9.8 Critical2021-09-30
CVE-2021-41298 ECOA BAS controller - Improper Access Control — ECS Router Controller ECS (FLASH)CWE-284 8.8 High2021-09-30
CVE-2021-41297 ECOA BAS controller - Insufficiently Protected Credentials-1 — ECS Router Controller ECS (FLASH)CWE-522 8.8 High2021-09-30
CVE-2021-41296 ECOA BAS controller - Weak Password Requirements — ECS Router Controller ECS (FLASH)CWE-521 9.8 Critical2021-09-30
CVE-2021-41295 ECOA BAS controller - Cross-Site Request Forgery (CSRF) — ECS Router Controller ECS (FLASH)CWE-352 8.8 High2021-09-30
CVE-2021-41294 ECOA BAS controller - Path Traversal-4 — ECS Router Controller ECS (FLASH)CWE-22 9.1 Critical2021-09-30
CVE-2021-41293 ECOA BAS controller - Path Traversal-3 — ECS Router Controller ECS (FLASH)CWE-22 7.5 High2021-09-30
CVE-2021-41292 ECOA BAS controller - Broken Authentication — ECS Router Controller ECS (FLASH)CWE-288 9.8 Critical2021-09-30
CVE-2021-41291 ECOA BAS controller - Path Traversal-1 — ECS Router Controller ECS (FLASH)CWE-22 7.5 High2021-09-30
CVE-2021-41290 ECOA BAS controller - Path Traversal-1 — ECS Router Controller ECS (FLASH)CWE-434 9.8 Critical2021-09-30

This page lists every published CVE security advisory associated with ECOA. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.