3 matches found
Multiple Flaws Found in ScrutisWeb Software Exposes ATMs to Remote Hacking
Four security vulnerabilities in the ScrutisWeb ATM fleet monitoring software made by Iagona could be exploited to remotely break into ATMs, upload arbitrary files, and even reboot the terminals. The shortcomings were discovered by the Synack Red Team SRT following a client engagement. The issues...
CVE-2023-38257
creationtimestamp| type| source ---|---|--- 2023-07-18 22:31:10+00:00| seen| https://t.me/cibsecurity/66936...
CVE-2023-38257
CVE-2023-38257 affects Iagona ScrutisWeb up to version 2.1.37. It is an insecure direct object reference that could allow an unauthenticated attacker to view profile information, including user login names and encrypted passwords. The advisory notes remote exploitation is possible with low attack...