Anviz access control devices allow unverified password change which allows remote attackers to change the administrator password without prior authentication.
References
Link | Resource |
---|---|
https://www.0x90.zone/multiple/reverse/2019/11/28/Anviz-pwn.html | Third Party Advisory |
Configurations
Information
Published : 2019-12-02 09:15
Updated : 2019-12-12 10:13
NVD link : CVE-2019-12394
Mitre link : CVE-2019-12394
JSON object : View
CWE
CWE-287
Improper Authentication
Products Affected
anviz
- management_system