Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
assaabloy vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2020-10176
ASSA ABLOY Yale WIPC-301W 2.x.2.29 up to and including 2.x.2.43_p1 devices allow Eval Injection of commands.
Assaabloy Yale Wipc-301w Firmware 2.x.2.43
Assaabloy Yale Wipc-301w Firmware
NA
CVE-2023-26943
Weak encryption mechanisms in RFID Tags in Yale Keyless Lock v1.0 allows malicious users to create a cloned tag via physical proximity to the original.
Assaabloy Yale Keyless Smart Lock Firmware 1.0
6.5
CVSSv2
CVE-2020-23826
The Yale WIPC-303W 2.21 up to and including 2.31 camera is vulnerable to remote command execution (RCE) through command injection via the HTTP API. NOTE: This may be a duplicate of CVE-2020-10176
Assaabloy Yale Wipc-303w Firmware
NA
CVE-2023-26941
Weak encryption mechanisms in RFID Tags in Yale Conexis L1 v1.1.0 allows malicious users to create a cloned tag via physical proximity to the original.
Assaabloy Yale Conexis L1 Firmware 1.1.0
4.3
CVSSv2
CVE-2019-13604
There is a short key vulnerability in HID Global DigitalPersona (formerly Crossmatch) U.are.U 4500 Fingerprint Reader v24. The key for obfuscating the fingerprint image is vulnerable to brute-force attacks. This allows an malicious user to recover the key and decrypt that image u...
Assaabloy Hid Digitalpersona 4500 Firmware 24
1 Github repository
NA
CVE-2023-33368
Some API routes exists in Control ID IDSecure 4.7.26.0 and prior, exfiltrating sensitive information and passwords to users accessing these API routes.
Assaabloy Control Id Idsecure
NA
CVE-2023-33370
An uncaught exception vulnerability exists in Control ID IDSecure 4.7.26.0 and prior, allowing malicious users to cause the main web server of IDSecure to fault and crash, causing a denial of service.
Assaabloy Control Id Idsecure
NA
CVE-2023-26942
Weak encryption mechanisms in RFID Tags in Yale IA-210 Alarm v1.0 allows malicious users to create a cloned tag via physical proximity to the original.
Assaabloy Yale Ia-210 Firmware 1.0
NA
CVE-2023-33367
A SQL injection vulnerability exists in Control ID IDSecure 4.7.26.0 and prior, allowing unauthenticated malicious users to write PHP files on the server's root directory, resulting in remote code execution.
Assaabloy Control Id Idsecure
NA
CVE-2023-33369
A path traversal vulnerability exists in Control ID IDSecure 4.7.26.0 and prior, allowing malicious users to delete arbitrary files on IDSecure filesystem, causing a denial of service.
Assaabloy Control Id Idsecure
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »