Security Vulnerabilities - CVEs Published In December 2019
An issue was discovered in TitanHQ WebTitan before 5.18. The proxy service (which is typically exposed to all users) allows connections to the internal PostgreSQL database of the appliance. By connecting to the database through the proxy (without password authentication), an attacker is able to fully control the appliance database. Through this, several different paths exist to gain further access, or execute code.
CVSS Score
9.8
EPSS Score
0.011
Published
2019-12-02
An issue was discovered in TitanHQ WebTitan before 5.18. Some functions, such as /history-x.php, of the administration interface are vulnerable to SQL Injection through the results parameter. This could be used by an attacker to extract sensitive information from the appliance database.
CVSS Score
7.5
EPSS Score
0.004
Published
2019-12-02
An issue was discovered in TitanHQ WebTitan before 5.18. The appliance has a hard-coded root password set during installation. An attacker could utilize this to gain root privileges on the system.
CVSS Score
8.1
EPSS Score
0.004
Published
2019-12-02
An issue was discovered in TitanHQ WebTitan before 5.18. It exposes a database configuration file under /include/dbconfig.ini in the web administration interface, revealing what database the web application is using.
CVSS Score
2.7
EPSS Score
0.004
Published
2019-12-02
Anviz access control devices perform cleartext transmission of sensitive information (passwords/pins and names) when replying to query on port tcp/5010.
CVSS Score
7.5
EPSS Score
0.002
Published
2019-12-02
Anviz access control devices expose credentials (names and passwords) by allowing remote attackers to query this information without credentials via port tcp/5010.
CVSS Score
7.5
EPSS Score
0.005
Published
2019-12-02
Anviz access control devices expose private Information (pin code and name) by allowing remote attackers to query this information without credentials via port tcp/5010.
CVSS Score
5.3
EPSS Score
0.004
Published
2019-12-02
The Anviz Management System for access control has insufficient logging for device events such as door open requests.
CVSS Score
7.5
EPSS Score
0.003
Published
2019-12-02
Anviz access control devices allow remote attackers to issue commands without a password.
CVSS Score
9.8
EPSS Score
0.007
Published
2019-12-02
Anviz access control devices are vulnerable to replay attacks which could allow attackers to intercept and replay open door requests.
CVSS Score
7.5
EPSS Score
0.003
Published
2019-12-02