191 matches found
CVE-2023-31445
Cassia Access controller before 2.1.1.2203171453, was discovered to have a unprivileged -information disclosure vulnerability that allows read-only users have the ability to enumerate all other users and discover e-mail addresses, phone numbers, and privileges of all other users...
Design/Logic Flaw
Cassia Access controller before 2.1.1.2203171453, was discovered to have a unprivileged -information disclosure vulnerability that allows read-only users have the ability to enumerate all other users and discover e-mail addresses, phone numbers, and privileges of all other users...
CVE-2023-31445
CVE-2023-31445 affects Cassia Access Controller prior to 2.1.1.2203171453. The issue is an unprivileged information-disclosure vulnerability enabling read-only users to enumerate all users and obtain emails, phone numbers, and privileges. The affected version is prior to 2.1.1.2203171453; remedia...
CVE-2023-31445
Cassia Access controller before 2.1.1.2203171453, was discovered to have a unprivileged -information disclosure vulnerability that allows read-only users have the ability to enumerate all other users and discover e-mail addresses, phone numbers, and privileges of all other users...
Linear eMerge E3-Series Access Controller Command Injection
This module exploits a command injection vulnerability in the Linear eMerge E3-Series Access Controller. The Linear eMerge E3 versions 1.00-06 and below are vulnerable to unauthenticated command injection in cardscandecoder.php via the No and door HTTP GET parameter. Successful exploitation resul...
CVE-2021-22685
An attacker may be able to use minify route with a relative path to view any file on the Cassia Networks Access Controller prior to 2.0.1...
CVE-2021-22685
An attacker may be able to use minify route with a relative path to view any file on the Cassia Networks Access Controller prior to 2.0.1...
Design/Logic Flaw
An attacker may be able to use minify route with a relative path to view any file on the Cassia Networks Access Controller prior to 2.0.1...
CVE-2021-22685 Cassia Networks Access Controller Path Traversal
An attacker may be able to use minify route with a relative path to view any file on the Cassia Networks Access Controller prior to 2.0.1...
CVE-2021-22685 Cassia Networks Access Controller Path Traversal
An attacker may be able to use minify route with a relative path to view any file on the Cassia Networks Access Controller prior to 2.0.1...
CVE-2021-22685
The CVE-2021-22685 issue is a path-traversal vulnerability in Cassia Networks Access Controller prior to version 2.0.1. The flaw allows an attacker to use the minify route with a relative path to view arbitrary server files, potentially exposing sensitive data. Affected product: Cassia Networks A...
Tenda M3 缓冲区错误漏洞
Tenda M3 is an access controller from Tenda, China. A security vulnerability exists in Tenda M3 version V1.0.0.124856, which is caused by a stack overflow vulnerability in the formSetAdConfigInfo function. The vulnerability allows an attacker to cause a denial of service DoS via the authIPs...
Tenda M3 缓冲区错误漏洞
Tenda M3 is an access controller from Tenda, China. A security vulnerability exists in Tenda M3 version V1.0.0.124856, which is caused by a stack overflow vulnerability in the formDelAd function...
Tenda M3 formSetCfm function stack overflow vulnerability
Tenda M3 is an access controller from Tenda, China. Tenda M3 version V1.0.0.12 is vulnerable to a stack overflow vulnerability, which stems from the formSetCfm function not checking the length of input data. An attacker could exploit this vulnerability to cause a denial of service attack...
Tenda M3 formGetPassengerAnalyseData function stack overflow vulnerability
Tenda M3 is an access controller from Tenda, China. Tenda M3 v1.0.0.12 is vulnerable to a stack overflow vulnerability that stems from the formGetPassengerAnalyseData function not checking the length of the input data. An attacker could exploit this vulnerability to cause a denial of service atta...
Tenda M3 formSetAccessCodeInfo function stack overflow vulnerability
Tenda M3 is an access controller from Tenda, China. Tenda M3 V1.0.0.12 is vulnerable to a stack overflow vulnerability, which stems from the formSetAccessCodeInfo function info parameter not checking the length of the input data. An attacker could exploit this vulnerability to cause a denial of...
Tenda M3 formSetStoreWeb function buffer overflow vulnerability
Tenda M3 is an access controller from Tenda, China. buffer overflow vulnerability exists in Tenda M3 V1.0.0.12, which stems from the ssidList, storeName, trademark parameters of the formSetStoreWeb function that do not check the length of the input data. An attacker can exploit this vulnerability...
CVE-2017-20038
A vulnerability was found in SICUNET Access Controller 0.32-05z and classified as critical. Affected by this issue is some unknown functionality of the file cardscandecoder.php. The manipulation of the argument No/door leads to privilege escalation. The attack may be launched remotely...
CVE-2017-20038
A vulnerability was found in SICUNET Access Controller 0.32-05z and classified as critical. Affected by this issue is some unknown functionality of the file cardscandecoder.php. The manipulation of the argument No/door leads to privilege escalation. The attack may be launched remotely...
CVE-2017-20039
A vulnerability was found in SICUNET Access Controller 0.32-05z. It has been classified as very critical. This affects an unknown part. The manipulation leads to weak authentication. It is possible to initiate the attack remotely...