Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
anviz vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2019-12388
Anviz access control devices perform cleartext transmission of sensitive information (passwords/pins and names) when replying to query on port tcp/5010.
Anviz Anviz Firmware -
7.5
CVSSv3
CVE-2019-12389
Anviz access control devices expose credentials (names and passwords) by allowing remote malicious users to query this information without credentials via port tcp/5010.
Anviz Anviz Firmware -
5.3
CVSSv3
CVE-2019-12390
Anviz access control devices expose private Information (pin code and name) by allowing remote malicious users to query this information without credentials via port tcp/5010.
Anviz Anviz Firmware -
9.8
CVSSv3
CVE-2019-12392
Anviz access control devices allow remote malicious users to issue commands without a password.
Anviz Anviz Firmware -
9.8
CVSSv3
CVE-2019-12518
Anviz CrossChex access control management software 4.3.8.0 and 4.3.12 is vulnerable to a buffer overflow vulnerability.
Anviz Crosschex 4.3.8.0
Anviz Crosschex 4.3.12
9.8
CVSSv3
CVE-2019-11523
Anviz Global M3 Outdoor RFID Access Control executes any command received from any source. No authentication/encryption is done. Attackers can fully interact with the device: for example, send the "open door" command, download the users list (which includes RFID codes a...
Anviz M3 Firmware -
1 Github repository
7.5
CVSSv3
CVE-2019-12391
The Anviz Management System for access control has insufficient logging for device events such as door open requests.
Anviz Management System -
7.5
CVSSv3
CVE-2019-12393
Anviz access control devices are vulnerable to replay attacks which could allow malicious users to intercept and replay open door requests.
Anviz Management System -
9.8
CVSSv3
CVE-2019-12394
Anviz access control devices allow unverified password change which allows remote malicious users to change the administrator password without prior authentication.
Anviz Management System -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3012
CVE-2024-30200
XXE
CVE-2023-24955
CVE-2023-42931
CVE-2024-29231
remote code execution
cross-site scripting
CVE-2024-0677
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started