CVE-2021-41847

An issue was discovered in 3xLogic Infinias Access Control through 6.7.10708.0, affecting physical security. Users with login credentials assigned to a specific zone can send modified HTTP GET and POST requests, allowing them to view user data such as personal information and Prox card credential...

CVE-2019-18651

A cross-site request forgery CSRF vulnerability in 3xLogic Infinias Access Control through 6.6.9586.0 allows remote attackers to execute malicious and unauthorized actions e.g., delete application users by sending a crafted HTML document or encoded URL to a user that the website trusts. The user...

CVE-2020-12681

Missing TLS certificate validation on 3xLogic Infinias eIDC32 devices through 3.4.125 allows an attacker to intercept/control the channel by which door lock policies are applied...

EUVD-2019-8370

Malware in sbrugna...

EUVD-2020-4977

Malware in sbrugna...

EUVD-2020-3893

Malware in sbrugna...

EUVD-2021-28848

Malicious code in bioql PyPI...

CVE-2020-11542

3xLOGIC Infinias eIDC32 2.213 devices with Web 1.107 allow Authentication Bypass via CMD.HTM?CMD= because authentication depends on the client side's interpretation of the MYKEY substring...

CVE-2021-41847

An issue was discovered in 3xLogic Infinias Access Control through 6.7.10708.0, affecting physical security. Users with login credentials assigned to a specific zone can send modified HTTP GET and POST requests, allowing them to view user data such as personal information and Prox card credential...

Information disclosure

An issue was discovered in 3xLogic Infinias Access Control through 6.7.10708.0, affecting physical security. Users with login credentials assigned to a specific zone can send modified HTTP GET and POST requests, allowing them to view user data such as personal information and Prox card credential...

CVE-2021-41847

The CVE-2021-41847 entry concerns 3xLogic Infinias Access Control up to version 6.7.10708.0. The issue allows users with credentials for a specific zone to issue modified HTTP GET/POST requests to view personal data and Prox card credentials, and to unlock electronic locks of other zones. Additio...

CVE-2021-41847

An issue was discovered in 3xLogic Infinias Access Control through 6.7.10708.0, affecting physical security. Users with login credentials assigned to a specific zone can send modified HTTP GET and POST requests, allowing them to view user data such as personal information and Prox card credential...

3xLogic Infinias Access Control 安全漏洞

3xlogic 3xLogic Infinias Access Control is an access control solution from 3xLogic 3xlogic USA. A security vulnerability exists in 3xLogic Infinias Access Control that affects physical security...

CVE-2020-12681

Missing TLS certificate validation on 3xLogic Infinias eIDC32 devices through 3.4.125 allows an attacker to intercept/control the channel by which door lock policies are applied...

CVE-2020-12681

Missing TLS certificate validation on 3xLogic Infinias eIDC32 devices through 3.4.125 allows an attacker to intercept/control the channel by which door lock policies are applied...

Design/Logic Flaw

Missing TLS certificate validation on 3xLogic Infinias eIDC32 devices through 3.4.125 allows an attacker to intercept/control the channel by which door lock policies are applied...

CVE-2020-12681

Missing TLS certificate validation on 3xLogic Infinias eIDC32 devices through 3.4.125 allows an attacker to intercept/control the channel by which door lock policies are applied...

CVE-2020-12681

The CVE-2020-12681 issue affects 3xLogic Infinias eIDC32 devices (through version 3.4.125). Root cause: missing TLS certificate validation, enabling an attacker to intercept or control the channel used to apply door lock policies. Impact, as stated, is the interception/control of policy applicati...

3xlogic 3xLogic Infinias eIDC32 信任管理问题漏洞

The 3xlogic 3xLogic Infinias eIDC32 is an access control controller from 3xLogic 3xlogic USA. A security vulnerability exists in the 3xLogic Infinias eIDC32, which allows an attacker to exploit the vulnerability to intercept channels that control the application of door locking policies...

3xLogic Infinias eIDC32 Authorization Issues Vulnerability

The 3xLogic Infinias eIDC32 is an access control controller from 3xLogic USA. A security vulnerability exists in the 3xLOGIC Infinias eIDC32 Web version 1.107 using firmware version 32 2.213, which originates from the program's authentication via client-side parsing of the ＜KEY＞MYKEY＜/KEY＞ string...