Lucene search
K

7 matches found

NVD
NVD
added 2026/01/26 10:16 a.m.6 views

CVE-2025-59091

Multiple hardcoded credentials have been identified, which are allowed to sign-in to the exos 9300 datapoint server running on port 1004 and 1005. This server is used for relaying status information from and to the Access Managers. This information, among other things, is used to graphically...

9.3CVSS0.00759EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/01/26 12:0 a.m.7 views

PT-2026-4747

The exos 9300 application can be used to configure Access Managers e.g. 92xx, 9230 and 9290. The configuration is done in a graphical user interface on the dormakaba exos server. As soon as the save button is clicked in exos 9300, the whole configuration is sent to the selected Access Manager via...

9.3CVSS5.9AI score0.00523EPSS
Exploits0References4
OSV
OSV
added 2025/12/24 8:15 p.m.5 views

CVE-2019-25242

FaceSentry Access Control System 6.4.8 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without user consent. Attackers can craft malicious web pages to change administrator passwords, add new admin users, or open access control doors by...

5.1CVSS5.7AI score0.002EPSS
Exploits2References3
Vulnrichment
Vulnrichment
added 2025/12/24 7:27 p.m.5 views

CVE-2019-25242 FaceSentry Access Control System 6.4.8 Cross-Site Request Forgery via Web Interface

FaceSentry Access Control System 6.4.8 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without user consent. Attackers can craft malicious web pages to change administrator passwords, add new admin users, or open access control doors by...

5.1CVSS5.8AI score0.002EPSS
Exploits2References3
Cvelist
Cvelist
added 2025/12/24 7:27 p.m.28 views

CVE-2019-25242 FaceSentry Access Control System 6.4.8 Cross-Site Request Forgery via Web Interface

FaceSentry Access Control System 6.4.8 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without user consent. Attackers can craft malicious web pages to change administrator passwords, add new admin users, or open access control doors by...

5.1CVSS0.002EPSS
Exploits2References3
OSV
OSV
added 2022/01/24 7:15 p.m.16 views

CVE-2022-23126

TeslaMate before 1.25.1 when using the default Docker configuration allows attackers to open doors of Tesla vehicles, start Keyless Driving, and interfere with vehicle operation en route. This occurs because an attacker can leverage Grafana login access to obtain a token for Tesla API calls...

9.8CVSS6.7AI score
Exploits0References5
NVD
NVD
added 2022/01/24 7:15 p.m.13 views

CVE-2022-23126

TeslaMate before 1.25.1 when using the default Docker configuration allows attackers to open doors of Tesla vehicles, start Keyless Driving, and interfere with vehicle operation en route. This occurs because an attacker can leverage Grafana login access to obtain a token for Tesla API calls...

9.8CVSS0.0227EPSS
Exploits0References5
Rows per page
Query Builder