Security Advisories

At KUNBUS GmbH, we place great importance on the security of our systems and data. We recognize that security vulnerabilities can occur and appreciate the support of security experts and researchers who help us identify and address them. Our Responsible Disclosure Policy outlines how you can responsibly report security vulnerabilities and what you can expect from us.

Go to Responsible Disclosure Policy


Let us know your KUNBUS related security issues

Let us know your KUNBUS related security issues – For a secure transmission of your information to our e-mail address product-security@kunbus.com we provide a GPG key for end-to-end encryption.

KUNBUS GPG key

User-ID: KUNBUS GmbH Product Security <product-security@kunbus.com>
Validity: until December 31st, 2025
Key Type/Size: OpenPGP, RSA 4096-Bit
Key fingerprint: B484B6F71F2CD32BCCDF7C04C0027DE5D2D76A5F
https://psirt.kunbus.com/.well-known/csaf/openpgp/B484B6F71F2CD32BCCDF7C04C0027DE5D2D76A5F.asc

 

You can download our public key under the following link:

KUNBUS GPG key

Latest security advisories

Kunbus-2025-0000004: Dangerous default file permissions

Read more …

Kunbus-2025-0000003: Authentication Bypass in RevPi Webstatus

Read more …

Kunbus-2025-0000002: Missing Authentication in Node-RED integration

Read more …

Kunbus-2025-0000001: Authentication Bypass and XSS in PiCtory

Read more …

Kunbus-2024-0000001: Security Issues in Webstatus

Read more …

Revolution Pi: Multiple Authentication Vulnerabilities in webstatus Package

Read more …

Security notice for Revolution Pi base modules

Read more …

Update II security notice for gateway module Modbus TCP Slave (item no.: 100088)

Read more …

Update security notice for gateway module Modbus TCP Slave (item no.: 100088)

Read more …

Security notice for gateway module Modbus TCP Slave (item no.: 100088)

Read more …