Secom: >> Dr.id Attendance System >> 3.4.0.0.3.11 Security Vulnerabilities
Dr.ID Access Control System from SECOM does not properly validate a specific page parameter, allowing unauthenticated remote attackers to inject SQL commands to read, modify, and delete database contents.
CVSS Score
9.8
EPSS Score
0.009
Published
2024-08-14
Taiwan Secom Dr.ID Access Control system’s login page has a hard-coded credential in the source code. An unauthenticated remote attacker can use the hard-coded credential to acquire partial system information and modify system setting to cause partial disrupt of service.
CVSS Score
7.3
EPSS Score
0.006
Published
2022-04-07