Qolsys: >> Iq Panel Security Vulnerabilities
Qolsys IQ Panel (aka QOL) before 1.5.1 does not verify the digital signatures of software updates, which allows man-in-the-middle attackers to bypass intended access restrictions via a modified update.
CVSS Score
9.3
EPSS Score
0.001
Published
2015-10-31
Qolsys IQ Panel (aka QOL) before 1.5.1 has hardcoded cryptographic keys, which allows remote attackers to create digital signatures for code by leveraging knowledge of a key from a different installation.
CVSS Score
9.3
EPSS Score
0.005
Published
2015-10-31