2 matches found
CVE-2019-12254
CVE-2019-12254 affects Tecson Tankspion and GOKs SmartBox 4 products, where an endpoint that saves settings does not properly restrict access, allowing an unauthenticated user with limited rights to change settings due to weak ACL enforcement. Documents confirm a lack of adequately implemented ac...
CVE-2019-12254 TECSON/GOK: Improper Authentication and Access Control on multiple devices
In multiple Tecson Tankspion and GOKs SmartBox 4 products the affected application doesn't properly restrict access to an endpoint that is responsible for saving settings, to a unauthenticated user with limited access rights. Based on the lack of adequately implemented access-control rules, by...