Saho’s attendance devices ADM100 and ADM-100FP have a vulnerability of missing authentication for critical functions. An unauthenticated remote attacker can execute system commands in partial website URLs to read sensitive device information without permissions.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
saho adm-100_firmware 0.0.4.0 |
||
saho adm-100_firmware 0.0.4.3 |
||
saho adm-100_firmware 0.0.4.6 |
||
saho adm-100_firmware 0.0.4.8 |
||
saho adm-100_firmware q20100602 |
||
saho adm-100_firmware t190 |
||
saho adm-100_firmware t17041702 |
||
saho adm-100_firmware t18051803 |
||
saho adm-100fp_firmware q20100602 |
||
saho adm-100fp_firmware t190 |
||
saho adm-100fp_firmware t17041702 |
||
saho adm-100fp_firmware t18051803 |