Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

TAPHOME Security Vulnerabilities

cve
cve

CVE-2023-2760

An SQL injection vulnerability exists in TapHome core HandleMessageUpdateDevicePropertiesRequest function before version 2023.2, allowing low privileged users to inject arbitrary SQL directives into an SQL query and execute arbitrary SQL commands and get full reading access. This may also lead to.....

7.6CVSS

7.9AI Score

0.0005EPSS

2023-07-17 07:15 AM
9
cve
cve

CVE-2023-2759

A hidden API exists in TapHome's core platform before version 2023.2 that allows an authenticated, low privileged user to change passwords of other users without any prior knowledge. The attacker may gain full access to the device by using this...

8.8CVSS

8.6AI Score

0.001EPSS

2023-07-17 07:15 AM
2168