Total
4 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-12392 | 1 Anviz | 1 Anviz Firmware | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
Anviz access control devices allow remote attackers to issue commands without a password. | |||||
CVE-2019-12390 | 1 Anviz | 1 Anviz Firmware | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
Anviz access control devices expose private Information (pin code and name) by allowing remote attackers to query this information without credentials via port tcp/5010. | |||||
CVE-2019-12389 | 1 Anviz | 1 Anviz Firmware | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
Anviz access control devices expose credentials (names and passwords) by allowing remote attackers to query this information without credentials via port tcp/5010. | |||||
CVE-2019-12388 | 1 Anviz | 1 Anviz Firmware | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
Anviz access control devices perform cleartext transmission of sensitive information (passwords/pins and names) when replying to query on port tcp/5010. |