eVisitorPass contains default administrative credentials. An attacker could exploit this vulnerability to gain full access to the application.
thresholdsecurity evisitorpass 1.5.5.2