Lucene search
K
SecomDr.id Access Control

6 matches found

CVE
CVE
added 2022/04/07 6:22 p.m.81 views

CVE-2022-26671

CVE-2022-26671 affects Taiwan Secom Dr.ID Access Control system’s login page, where a hard-coded credential in the source code allows an unauthenticated remote attacker to obtain partial system information and modify system settings, causing partial service disruption. The available connected doc...

7.5CVSS7AI score0.00938EPSS
CVE
CVE
added 2021/07/16 3:20 p.m.57 views

CVE-2021-35961

CVE-2021-35961 concerns the Dr. ID Door Access Control and Personnel Attendance Management system, where the root cause is hard-coded admin default credentials . This enables remote attackers to access the system through the default password and obtain the highest privileges . Multiple connected ...

10CVSS9.7AI score0.02187EPSS
CVE
CVE
added 2024/08/14 6:30 a.m.55 views

CVE-2024-7731

The CVE-2024-7731 issue affects the SECOM Dr.ID Access Control System. Affected product: Dr.ID Access Control System from SECOM. Root cause: improper validation of a specific page parameter leads to SQL injection. Impact: unauthenticated remote attackers can read, modify, and delete database cont...

9.8CVSS9.9AI score0.00835EPSS
CVE
CVE
added 2020/02/11 8:0 a.m.52 views

CVE-2020-3935

CVE-2020-3935 concerns Taiwan SECOM’s Door Access Control and Personnel Attendance Management system, where user information is stored in cleartext in cookies, exposing passwords to attackers. The NVD and related records assign a CVSSv3.1 base score of 7.5 (HIGH) with NETWORK attack vector and no...

7.5CVSS7.5AI score0.00927EPSS
CVE
CVE
added 2020/02/11 8:0 a.m.46 views

CVE-2020-3934

CVE-2020-3934: A pre-auth SQL injection vulnerability affects a Taiwan Secom door access and personnel attendance management system. Connected sources indicate an unauthenticated attack could inject SQL commands, with high-severity impact per CVSS-3.1 (CRITICAL, 9.8) and CVSS-2 (BASE 7.5) metrics...

9.8CVSS9.7AI score0.01386EPSS
CVE
CVE
added 2020/02/11 8:0 a.m.42 views

CVE-2020-3933

CVE-2020-3933 concerns a Taiwan SECOM door access/attendance system where attackers can enumerate user accounts. The provided data from NVD (CVSS: v3.1) indicates a network-based, low-complexity issue with no authentication required, resulting in partial confidentiality impact (C:L) and no impact...

5.3CVSS5.2AI score0.01244EPSS