Lucene search
K

13 matches found

OSV
OSV
added 2024/01/03 8:15 p.m.6 views

CVE-2023-5880

When the Genie Company Aladdin Connect garage door opener Retrofit-Kit Model ALDCM is placed into configuration mode the web servers “Garage Door Control Module Setup” page is vulnerable to XSS via a broadcast SSID name containing malicious code with client side Java Script and/or HTML. This allo...

8.8CVSS5.8AI score0.00553EPSS
Exploits0References1
OSV
OSV
added 2024/01/03 8:15 p.m.5 views

CVE-2023-5881

Unauthenticated access permitted to web interface page The Genie Company Aladdin Connect Retrofit-Kit Model ALDCM "Garage Door Control Module Setup" and modify the Garage door's SSID settings...

8.2CVSS5.8AI score0.00605EPSS
Exploits0References1
NVD
NVD
added 2024/01/03 8:15 p.m.23 views

CVE-2023-5881

Unauthenticated access permitted to web interface page The Genie Company Aladdin Connect Retrofit-Kit Model ALDCM "Garage Door Control Module Setup" and modify the Garage door's SSID settings...

8.2CVSS8.2AI score0.00605EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/01/03 7:22 p.m.28 views

CVE-2023-5881 Unauthenticated access permitted to web interface page "Garage Door Control Module Setup"

Unauthenticated access permitted to web interface page The Genie Company Aladdin Connect Retrofit-Kit Model ALDCM "Garage Door Control Module Setup" and modify the Garage door's SSID settings...

8.4AI score0.00605EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/01/03 7:22 p.m.17 views

CVE-2023-5881 Unauthenticated access permitted to web interface page "Garage Door Control Module Setup"

Unauthenticated access permitted to web interface page The Genie Company Aladdin Connect Retrofit-Kit Model ALDCM "Garage Door Control Module Setup" and modify the Garage door's SSID settings...

6.9AI score0.00605EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/01/03 7:16 p.m.15 views

CVE-2023-5880 Cross-site Scripting (XSS) injected into Aladdin Connect garage door opener (Retrofit-Kit) configuration setup webserver console via broadcast SSID name

When the Genie Company Aladdin Connect garage door opener Retrofit-Kit Model ALDCM is placed into configuration mode the web servers “Garage Door Control Module Setup” page is vulnerable to XSS via a broadcast SSID name containing malicious code with client side Java Script and/or HTML. This allo...

5.8AI score0.00553EPSS
Exploits0References1
CVE
CVE
added 2024/01/03 7:16 p.m.63 views

CVE-2023-5880

CVE-2023-5880 affects Genie Aladdin Connect Retrofit-Kit (Model ALDCM). When the device is in configuration mode, the web server page “Garage Door Control Module Setup” is vulnerable to cross-site scripting via a broadcast SSID name containing HTML/JavaScript, enabling injection of code into a us...

8.8CVSS8.2AI score0.00553EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/01/03 7:16 p.m.30 views

CVE-2023-5880 Cross-site Scripting (XSS) injected into Aladdin Connect garage door opener (Retrofit-Kit) configuration setup webserver console via broadcast SSID name

When the Genie Company Aladdin Connect garage door opener Retrofit-Kit Model ALDCM is placed into configuration mode the web servers “Garage Door Control Module Setup” page is vulnerable to XSS via a broadcast SSID name containing malicious code with client side Java Script and/or HTML. This allo...

8.3AI score0.00553EPSS
Exploits0References1
Rapid7 Blog
Rapid7 Blog
added 2024/01/03 6:58 p.m.43 views

Genie Aladdin Connect Retrofit Garage Door Opener: Multiple Vulnerabilities

Rapid7, Inc. Rapid7 discovered vulnerabilities in Aladdin Connect retrofit kit garage door opener and Android mobile application produced by Genie. The affected products are: Aladdin Garage door smart retrofit kit, Model ALDCM Android Mobile application ALADDIN Connect, Version 5.65 Build 2075...

6.8CVSS6.7AI score0.00605EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2024/01/03 12:0 a.m.10 views

PT-2024-14838 · Genie Company · Aladdin Connect

Name of the Vulnerable Software and Affected Versions: Genie Company Aladdin Connect garage door opener Retrofit-Kit Model ALDCM affected versions not specified Description: The Genie Company Aladdin Connect garage door opener is vulnerable to XSS via a broadcast SSID name containing malicious co...

8.8CVSS8.3AI score0.00553EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2024/01/03 12:0 a.m.9 views

PT-2024-14839 · Genie Company · Aladdin Connect

Name of the Vulnerable Software and Affected Versions: The Genie Company Aladdin Connect Retrofit-Kit Model ALDCM affected versions not specified Description: Unauthenticated access is permitted to the web interface page "Garage Door Control Module Setup" of The Genie Company Aladdin Connect...

8.2CVSS8.8AI score0.00605EPSS
Exploits0References6
CNNVD
CNNVD
added 2024/01/03 12:0 a.m.4 views

Genie Aladdin Connect Access Control Error Vulnerability

Genie Aladdin Connect is a garage door controller from Genie. An access control error vulnerability exists in Genie Aladdin Connect Retrofit-Kit Model ALDCM that originates from allowing an unauthenticated attacker to access the SSID settings on the Garage Door Control Module Setup page...

8.2CVSS6.9AI score0.00605EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/01/03 12:0 a.m.6 views

Genie Aladdin Connect garage door opener Cross-site scripting vulnerability

Genie Aladdin Connect garage door opener is a garage door opener from Genie. A security vulnerability exists in the Genie Aladdin Connect garage door opener Retrofit-Kit Model ALDCM that stems from a cross-site scripting XSS vulnerability on the Garage Door Control Module Setup page...

8.8CVSS5.8AI score0.00553EPSS
Exploits0References2
Rows per page
Query Builder