Vulnerability Details CVE-2021-35962
Specific page parameters in Dr. ID Door Access Control and Personnel Attendance Management system does not filter special characters. Remote attackers can apply Path Traversal means to download credential files from the system without permission.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 65.4%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
Products affected by CVE-2021-35962
-
cpe:2.3:a:secom:door_access_control:*
-
cpe:2.3:a:secom:personnel_attendance_system:*