Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Dr\.id_access_control
(Secom)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 6 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-08-14 | CVE-2024-7731 | Dr.ID Access Control System from SECOM does not properly validate a specific page parameter, allowing unauthenticated remote attackers to inject SQL commands to read, modify, and delete database contents. | Dr\.id_access_control | 9.8 | ||
| 2022-04-07 | CVE-2022-26671 | Taiwan Secom Dr.ID Access Control system’s login page has a hard-coded credential in the source code. An unauthenticated remote attacker can use the hard-coded credential to acquire partial system information and modify system setting to cause partial disrupt of service. | Dr\.id_access_control, Dr\.id_attendance_system | 7.3 | ||
| 2020-02-11 | CVE-2020-3933 | TAIWAN SECOM CO., LTD., a Door Access Control and Personnel Attendance Management system, allows attackers to enumerate and exam user account in the system. | Dr\.id_access_control, Dr\.id_attendance_system | 5.3 | ||
| 2020-02-11 | CVE-2020-3934 | TAIWAN SECOM CO., LTD., a Door Access Control and Personnel Attendance Management system, contains a vulnerability of Pre-auth SQL Injection, allowing attackers to inject a specific SQL command. | Dr\.id_access_control, Dr\.id_attendance_system | 9.8 | ||
| 2020-02-11 | CVE-2020-3935 | TAIWAN SECOM CO., LTD., a Door Access Control and Personnel Attendance Management system, stores users’ information by cleartext in the cookie, which divulges password to attackers. | Dr\.id_access_control, Dr\.id_attendance_system | 7.5 | ||
| 2021-07-16 | CVE-2021-35961 | Dr. ID Door Access Control and Personnel Attendance Management system uses the hard-code admin default credentials that allows remote attackers to access the system through the default password and obtain the highest permission. | Dr\.id_access_control | 9.8 |