Dr.id Access Control Security Vulnerabilities and Issues — Dr.id Access Control CVE List

Lucene search

SecomDr.id Access Control

6 matches found

CVE•added 2022/04/07 7:15 p.m.•70 views

CVE-2022-26671

Taiwan Secom Dr.ID Access Control system’s login page has a hard-coded credential in the source code. An unauthenticated remote attacker can use the hard-coded credential to acquire partial system information and modify system setting to cause partial disrupt of service.

7.5CVSS7AI score0.00648EPSS

CVE•added 2020/02/11 12:15 p.m.•40 views

CVE-2020-3935

TAIWAN SECOM CO., LTD., a Door Access Control and Personnel Attendance Management system, stores users’ information by cleartext in the cookie, which divulges password to attackers.

7.5CVSS7.5AI score0.00218EPSS

CVE•added 2021/07/16 4:15 p.m.•39 views

CVE-2021-35961

Dr. ID Door Access Control and Personnel Attendance Management system uses the hard-code admin default credentials that allows remote attackers to access the system through the default password and obtain the highest permission.

10CVSS9.7AI score0.01583EPSS

CVE•added 2024/08/14 7:15 a.m.•39 views

CVE-2024-7731

Dr.ID Access Control System from SECOM does not properly validate a specific page parameter, allowing unauthenticated remote attackers to inject SQL commands to read, modify, and delete database contents.

9.8CVSS9.9AI score0.009EPSS

CVE•added 2020/02/11 12:15 p.m.•34 views

CVE-2020-3934

TAIWAN SECOM CO., LTD., a Door Access Control and Personnel Attendance Management system, contains a vulnerability of Pre-auth SQL Injection, allowing attackers to inject a specific SQL command.

9.8CVSS9.7AI score0.00375EPSS

CVE•added 2020/02/11 12:15 p.m.•33 views

CVE-2020-3933

TAIWAN SECOM CO., LTD., a Door Access Control and Personnel Attendance Management system, allows attackers to enumerate and exam user account in the system.

5.3CVSS5.2AI score0.00455EPSS