RSS   Vulnerabilities for 'Evisitorpass'   RSS

2019-03-21
 
CVE-2018-17497

CWE-255
 

 
eVisitorPass contains default administrative credentials. An attacker could exploit this vulnerability to gain full access to the application.

 
 
CVE-2018-17496

CWE-noinfo
 

 
eVisitorPass could allow a local attacker to gain elevated privileges on the system, caused by an error while in kiosk mode. By visiting the kiosk and typing ctrl+shift+esc, an attacker could exploit this vulnerability to open the task manager to kill the process or launch new processes on the system.

 
 
CVE-2018-17495

CWE-noinfo
 

 
eVisitorPass could allow a local attacker to gain elevated privileges on the system, caused by an error with the Virtual Keyboard Help Dialog. By visiting the kiosk and removing the program from fullscreen, an attacker could exploit this vulnerability using the terminal to launch the command prompt.

 


Copyright 2024, cxsecurity.com

 

Back to Top