Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
assaabloy control id idsecure vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-33367
A SQL injection vulnerability exists in Control ID IDSecure 4.7.26.0 and prior, allowing unauthenticated malicious users to write PHP files on the server's root directory, resulting in remote code execution.
Assaabloy Control Id Idsecure
NA
CVE-2023-33368
Some API routes exists in Control ID IDSecure 4.7.26.0 and prior, exfiltrating sensitive information and passwords to users accessing these API routes.
Assaabloy Control Id Idsecure
NA
CVE-2023-33369
A path traversal vulnerability exists in Control ID IDSecure 4.7.26.0 and prior, allowing malicious users to delete arbitrary files on IDSecure filesystem, causing a denial of service.
Assaabloy Control Id Idsecure
NA
CVE-2023-33370
An uncaught exception vulnerability exists in Control ID IDSecure 4.7.26.0 and prior, allowing malicious users to cause the main web server of IDSecure to fault and crash, causing a denial of service.
Assaabloy Control Id Idsecure
NA
CVE-2023-33371
Control ID IDSecure 4.7.26.0 and prior uses a hardcoded cryptographic key in order to sign and verify JWT session tokens, allowing malicious users to sign arbitrary session tokens and bypass authentication.
Assaabloy Control Id Idsecure
NA
CVE-2023-2044
A vulnerability has been found in Control iD iDSecure 4.7.29.1 and classified as problematic. This vulnerability affects unknown code of the component Dispositivos Page. The manipulation of the argument IP-DNS leads to cross site scripting. The attack can be initiated remotely. V...
Assaabloy Control Id Idsecure 4.7.29.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started