Secom: >> Dr.id Access Control Security Vulnerabilities
Dr.ID Access Control System from SECOM does not properly validate a specific page parameter, allowing unauthenticated remote attackers to inject SQL commands to read, modify, and delete database contents.
CVSS Score
9.8
EPSS Score
0.009
Published
2024-08-14
Taiwan Secom Dr.ID Access Control system’s login page has a hard-coded credential in the source code. An unauthenticated remote attacker can use the hard-coded credential to acquire partial system information and modify system setting to cause partial disrupt of service.
CVSS Score
7.3
EPSS Score
0.006
Published
2022-04-07
Dr. ID Door Access Control and Personnel Attendance Management system uses the hard-code admin default credentials that allows remote attackers to access the system through the default password and obtain the highest permission.
CVSS Score
9.8
EPSS Score
0.016
Published
2021-07-16
TAIWAN SECOM CO., LTD., a Door Access Control and Personnel Attendance Management system, contains a vulnerability of Pre-auth SQL Injection, allowing attackers to inject a specific SQL command.
CVSS Score
9.8
EPSS Score
0.004
Published
2020-02-11
TAIWAN SECOM CO., LTD., a Door Access Control and Personnel Attendance Management system, stores users’ information by cleartext in the cookie, which divulges password to attackers.
CVSS Score
7.5
EPSS Score
0.002
Published
2020-02-11
TAIWAN SECOM CO., LTD., a Door Access Control and Personnel Attendance Management system, allows attackers to enumerate and exam user account in the system.
CVSS Score
5.3
EPSS Score
0.005
Published
2020-02-11