173 matches found
JVN#37417423: Multiple vulnerabilities in SolarView Compact
SolarView Compact provided by Contec Co., Ltd. contains multiple vulnerabilities listed below. Exposure of information through directory listing CWE-548 - CVE-2021-20656 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N| Base Score: 3.5 CVSS v2|...
Contec Smart Home Unauthorized Password Reset Vulnerability
Contec Smart Home is a smart home management system for managing connected smart home devices. A security vulnerability exists in Contec Smart Home version 4.15, which stems from the program failing to require authentication for the newuser.php, edituser.php, deleteuser.php, and user.php files. A...
Contec Smart Home Detection
Detection of Contec Smart Home. The script sends a connection request to the server and attempts to detect Contec Smart Home and to extract its version. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...
Contec Smart Home Authentication Bypass Vulnerability
Contec Smart Home 4.15 devices do not require authentication for newuser.php, edituser.php, deleteuser.php, and user.php, as demonstrated by changing the admin password and then obtaining control over doors. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from ...
CVE-2018-9162
Contec Smart Home 4.15 devices do not require authentication for newuser.php, edituser.php, deleteuser.php, and user.php, as demonstrated by changing the admin password and then obtaining control over doors...
CVE-2018-9162
Contec Smart Home 4.15 devices do not require authentication for newuser.php, edituser.php, deleteuser.php, and user.php, as demonstrated by changing the admin password and then obtaining control over doors...
CVE-2018-9162
Contec Smart Home 4.15 devices do not require authentication for newuser.php, edituser.php, deleteuser.php, and user.php, as demonstrated by changing the admin password and then obtaining control over doors...
Design/Logic Flaw
Contec Smart Home 4.15 devices do not require authentication for newuser.php, edituser.php, deleteuser.php, and user.php, as demonstrated by changing the admin password and then obtaining control over doors...
CVE-2018-9162
Contec Smart Home 4.15 devices do not require authentication for newuser.php, edituser.php, deleteuser.php, and user.php, as demonstrated by changing the admin password and then obtaining control over doors...
CVE-2018-9162
Contec Smart Home 4.15 devices are affected by an authentication bypass in the web interfaces (new_user.php, edit_user.php, delete_user.php, and user.php). The root issue is that these endpoints do not require authentication, allowing an attacker to change the administrator password and gain cont...
Contec Smart Home 4.15 - Unauthorized Password Reset Vulnerability
Exploit for hardware platform in category web applications Title : Contec smart home 4.15 Unauthorized Password Reset Shodan Dork : "content/smarthome.php" Vendor Homepage : http://contec.co.il Tested on : Google Chrome Tested version : 4.15 Date : 2018-03-14 Author : Z3ro0ne Contact :...
Contec Smart Home 4.15 - Unauthorized Password Reset
Title : Contec smart home 4.15 Unauthorized Password Reset Shodan Dork : "content/smarthome.php" Vendor Homepage : http://contec.co.il Tested on : Google Chrome Tested version : 4.15 Date : 2018-03-14 Author : Z3ro0ne Contact : [email protected] Facebook Page : https://www.facebook.com/Z3ro0...
Contec Smart Home 4.15 - Unauthorized Password Reset
Contec Smart Home 4.15 - Unauthorized Password Reset Title : Contec smart home 4.15 Unauthorized Password Reset Shodan Dork : "content/smarthome.php" Vendor Homepage : http://contec.co.il Tested on : Google Chrome Tested version : 4.15 Date : 2018-03-14 Author : Z3ro0ne Contact :...