2 matches found
Authentication flaw
An authentication bypass in website post requests in the Tzumi Electronics Klic Lock application 1.0.9 for mobile devices allows attackers to access resources that are not otherwise accessible without proper authentication via capture-replay. Physically proximate attackers can use this informatio...
PT-2019-12246 · Tzumi Electronics · Klic Lock +1
Name of the Vulnerable Software and Affected Versions: Tzumi Electronics Klic Lock application version 1.0.9 Tzumi Electronics Klic Smart Padlock Model 5686 Firmware 6.2 Description: The issue allows attackers to bypass authentication in website post requests, enabling them to access resources th...