6 matches found
CVE-2022-26671
CVE-2022-26671 affects Taiwan Secom Dr.ID Access Control system’s login page, where a hard-coded credential in the source code allows an unauthenticated remote attacker to obtain partial system information and modify system settings, causing partial service disruption. The available connected doc...
CVE-2021-35961
CVE-2021-35961 concerns the Dr. ID Door Access Control and Personnel Attendance Management system, where the root cause is hard-coded admin default credentials . This enables remote attackers to access the system through the default password and obtain the highest privileges . Multiple connected ...
CVE-2024-7731
The CVE-2024-7731 issue affects the SECOM Dr.ID Access Control System. Affected product: Dr.ID Access Control System from SECOM. Root cause: improper validation of a specific page parameter leads to SQL injection. Impact: unauthenticated remote attackers can read, modify, and delete database cont...
CVE-2020-3935
CVE-2020-3935 concerns Taiwan SECOM’s Door Access Control and Personnel Attendance Management system, where user information is stored in cleartext in cookies, exposing passwords to attackers. The NVD and related records assign a CVSSv3.1 base score of 7.5 (HIGH) with NETWORK attack vector and no...
CVE-2020-3934
CVE-2020-3934: A pre-auth SQL injection vulnerability affects a Taiwan Secom door access and personnel attendance management system. Connected sources indicate an unauthenticated attack could inject SQL commands, with high-severity impact per CVSS-3.1 (CRITICAL, 9.8) and CVSS-2 (BASE 7.5) metrics...
CVE-2020-3933
CVE-2020-3933 concerns a Taiwan SECOM door access/attendance system where attackers can enumerate user accounts. The provided data from NVD (CVSS: v3.1) indicates a network-based, low-complexity issue with no authentication required, resulting in partial confidentiality impact (C:L) and no impact...