4 matches found
CVE-2021-35961
CVE-2021-35961 concerns the Dr. ID Door Access Control and Personnel Attendance Management system, where the root cause is hard-coded admin default credentials . This enables remote attackers to access the system through the default password and obtain the highest privileges . Multiple connected ...
CVE-2024-7731
The CVE-2024-7731 issue affects the SECOM Dr.ID Access Control System. Affected product: Dr.ID Access Control System from SECOM. Root cause: improper validation of a specific page parameter leads to SQL injection. Impact: unauthenticated remote attackers can read, modify, and delete database cont...
CVE-2020-3934
CVE-2020-3934: A pre-auth SQL injection vulnerability affects a Taiwan Secom door access and personnel attendance management system. Connected sources indicate an unauthenticated attack could inject SQL commands, with high-severity impact per CVSS-3.1 (CRITICAL, 9.8) and CVSS-2 (BASE 7.5) metrics...
CVE-2020-3933
CVE-2020-3933 concerns a Taiwan SECOM door access/attendance system where attackers can enumerate user accounts. The provided data from NVD (CVSS: v3.1) indicates a network-based, low-complexity issue with no authentication required, resulting in partial confidentiality impact (C:L) and no impact...