15 matches found
EUVD-2026-28591
Lack of proper authorization implementation in the CashDro 3 web administration panel, version 24.01.00.26. The backend lacks authorization controls, leaving security entirely to the frontend. By modifying the binary string in the ‘Permissions’ field of the JSON response, an attacker could escala...
CVE-2026-8077
Lack of proper authorization implementation in the CashDro 3 web administration panel, version 24.01.00.26. The backend lacks authorization controls, leaving security entirely to the frontend. By modifying the binary string in the ‘Permissions’ field of the JSON response, an attacker could escala...
EUVD-2026-28547
Weak credentials in the CashDro 3 web administration panel, version 24.01.00.26, where the platform allows the use of numeric PINs for user authentication. The system supports the use of PIN-based credentials, maintaining compatibility with POS software integrations deployed since 2012. This coul...
CVE-2026-8076
Weak credentials in the CashDro 3 web administration panel, version 24.01.00.26, where the platform allows the use of numeric PINs for user authentication. The system supports the use of PIN-based credentials, maintaining compatibility with POS software integrations deployed since 2012. This coul...
CVE-2026-8077 Weak credentials vulnerability in the CashDro 3 web administration panel
Lack of proper authorization implementation in the CashDro 3 web administration panel, version 24.01.00.26. The backend lacks authorization controls, leaving security entirely to the frontend. By modifying the binary string in the ‘Permissions’ field of the JSON response, an attacker could escala...
CVE-2026-8077
CVE-2026-8077 concerns the CashDro 3 web administration panel (v24.01.00.26). The issue is a lack of proper authorization in the backend, with security effectively handled only on the frontend. By altering the binary string in the ‘Permissions’ field of the JSON response, an attacker could escala...
CVE-2026-8077 Weak credentials vulnerability in the CashDro 3 web administration panel
Lack of proper authorization implementation in the CashDro 3 web administration panel, version 24.01.00.26. The backend lacks authorization controls, leaving security entirely to the frontend. By modifying the binary string in the ‘Permissions’ field of the JSON response, an attacker could escala...
CVE-2026-8076
CVE-2026-8076 concerns the CashDro 3 web administration panel (version 24.01.00.26). The identified issue is weak credentials enabling PIN-based authentication, which supports numeric PINs compatible with POS integrations dating back to 2012. This design allows an attacker to perform brute-force ...
CVE-2026-8076 Weak credentials vulnerability in the CashDro 3 web administration panel
Weak credentials in the CashDro 3 web administration panel, version 24.01.00.26, where the platform allows the use of numeric PINs for user authentication. The system supports the use of PIN-based credentials, maintaining compatibility with POS software integrations deployed since 2012. This coul...
CVE-2026-8076
Weak credentials in the CashDro 3 web administration panel, version 24.01.00.26, where the platform allows the use of numeric PINs for user authentication. The system supports the use of PIN-based credentials, maintaining compatibility with POS software integrations deployed since 2012. This coul...
CVE-2026-8076 Weak credentials vulnerability in the CashDro 3 web administration panel
Weak credentials in the CashDro 3 web administration panel, version 24.01.00.26, where the platform allows the use of numeric PINs for user authentication. The system supports the use of PIN-based credentials, maintaining compatibility with POS software integrations deployed since 2012. This coul...
PT-2026-38920
Name of the Vulnerable Software and Affected Versions CashDro 3 version 24.01.00.26 Description The web administration panel contains an authorization bypass due to a lack of backend authorization controls, which relies solely on the frontend for security. An attacker can escalate privileges and...
CashDro 安全漏洞
CashDro is an intelligent device system developed by CashDro Corporation, designed for automated management of cash receipts and change dispensing at stores. Version 3.24.01.00.26 of CashDro contains a security vulnerability. This vulnerability stems from the platform’s ability to allow user...
CashDro 安全漏洞
CashDro is an intelligent device system developed by CashDro Corporation, designed for automated management of cash receipts and change dispensing at stores. Version 3.24.01.00.26 of CashDro contains a security vulnerability. This vulnerability stems from the lack of authorization control in the...
PT-2026-38910
Name of the Vulnerable Software and Affected Versions CashDro 3 version 24.01.00.26 Description The web administration panel allows the use of numeric PINs for user authentication to maintain compatibility with POS software integrations deployed since 2012. This implementation enables attackers t...