4 matches found
Code injection
When the Genie Company Aladdin Connect garage door opener Retrofit-Kit Model ALDCM is placed into configuration mode the web servers “Garage Door Control Module Setup” page is vulnerable to XSS via a broadcast SSID name containing malicious code with client side Java Script and/or HTML. This allo...
PT-2024-14839 · Genie Company · Aladdin Connect
Name of the Vulnerable Software and Affected Versions: The Genie Company Aladdin Connect Retrofit-Kit Model ALDCM affected versions not specified Description: Unauthenticated access is permitted to the web interface page "Garage Door Control Module Setup" of The Genie Company Aladdin Connect...
CVE-2023-1748
CVE-2023-1748 affects Nexx Smart Home devices (Nexx Garage Door Controller NXG-100B/NXG-200, Nexx Smart Plug NXPG-100W, Nexx Smart Alarm NXAL-100). The root cause is use of hard-coded credentials, enabling an unauthenticated attacker with access to the Nexx Home mobile app or affected firmware to...
CVE-2020-12280
iSmartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to open/close a specified garage door/gate via /isg/opendoor.php...