RSS   Vulnerabilities for 'Anviz firmware'   RSS

2019-12-02
 
CVE-2019-12392

CWE-863
 

 
Anviz access control devices allow remote attackers to issue commands without a password.

 
 
CVE-2019-12390

CWE-200
 

 
Anviz access control devices expose private Information (pin code and name) by allowing remote attackers to query this information without credentials via port tcp/5010.

 
 
CVE-2019-12389

CWE-200
 

 
Anviz access control devices expose credentials (names and passwords) by allowing remote attackers to query this information without credentials via port tcp/5010.

 
 
CVE-2019-12388

CWE-200
 

 
Anviz access control devices perform cleartext transmission of sensitive information (passwords/pins and names) when replying to query on port tcp/5010.

 

 >>> Vendor: Anviz 4 Products
M3 firmware
Crosschex
Anviz firmware
Management system


Copyright 2020, cxsecurity.com

 

Back to Top