Lucene search
Tuxedo Touch Security Vulnerabilities
cve
Cross-site request forgery (CSRF) vulnerability in Honeywell Tuxedo Touch before 5.2.19.0_VA allows remote attackers to hijack the authentication of arbitrary users for requests associated with home-automation commands, as demonstrated by a door-unlock...
7.4AI Score
0.001EPSS
2015-07-26 06:59 PM
19
cve
Honeywell Tuxedo Touch before 5.2.19.0_VA relies on client-side authentication involving JavaScript, which allows remote attackers to bypass intended access restrictions by removing USERACCT requests from the client-server data...
7.2AI Score
0.003EPSS
2015-07-26 06:59 PM
24