Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Secom Subscribe
Filtered by product Dr.id Access Control
Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-26671 1 Secom 2 Dr.id Access Control, Dr.id Attendance System 2022-04-14 7.5 HIGH 7.3 HIGH
Taiwan Secom Dr.ID Access Control system’s login page has a hard-coded credential in the source code. An unauthenticated remote attacker can use the hard-coded credential to acquire partial system information and modify system setting to cause partial disrupt of service.
CVE-2020-3934 1 Secom 2 Dr.id Access Control, Dr.id Attendance System 2022-01-01 7.5 HIGH 9.8 CRITICAL
TAIWAN SECOM CO., LTD., a Door Access Control and Personnel Attendance Management system, contains a vulnerability of Pre-auth SQL Injection, allowing attackers to inject a specific SQL command.
CVE-2020-3933 1 Secom 2 Dr.id Access Control, Dr.id Attendance System 2022-01-01 5.0 MEDIUM 5.3 MEDIUM
TAIWAN SECOM CO., LTD., a Door Access Control and Personnel Attendance Management system, allows attackers to enumerate and exam user account in the system.
CVE-2020-3935 1 Secom 2 Dr.id Access Control, Dr.id Attendance System 2021-12-22 5.0 MEDIUM 7.5 HIGH
TAIWAN SECOM CO., LTD., a Door Access Control and Personnel Attendance Management system, stores users’ information by cleartext in the cookie, which divulges password to attackers.
CVE-2021-35961 1 Secom 1 Dr.id Access Control 2021-08-02 10.0 HIGH 9.8 CRITICAL
Dr. ID Door Access Control and Personnel Attendance Management system uses the hard-code admin default credentials that allows remote attackers to access the system through the default password and obtain the highest permission.