RSS   Vulnerabilities for 'Iq panel'   RSS

2015-10-31
 
CVE-2015-6033

 

 
Qolsys IQ Panel (aka QOL) before 1.5.1 does not verify the digital signatures of software updates, which allows man-in-the-middle attackers to bypass intended access restrictions via a modified update.

 
 
CVE-2015-6032

 

 
Qolsys IQ Panel (aka QOL) before 1.5.1 has hardcoded cryptographic keys, which allows remote attackers to create digital signatures for code by leveraging knowledge of a key from a different installation.

 


Copyright 2024, cxsecurity.com

 

Back to Top