Skip to main content

Anviz Firmware

4 CVEs product

Monthly

CVE-2019-12392 CRITICAL Act Now

Anviz access control devices allow remote attackers to issue commands without a password. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Anviz Firmware
NVD
CVSS 3.1
9.8
EPSS
1.9%
CVE-2019-12390 MEDIUM This Month

Anviz access control devices expose private Information (pin code and name) by allowing remote attackers to query this information without credentials via port tcp/5010. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Anviz Firmware
NVD
CVSS 3.1
5.3
EPSS
1.4%
CVE-2019-12389 HIGH This Week

Anviz access control devices expose credentials (names and passwords) by allowing remote attackers to query this information without credentials via port tcp/5010. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Anviz Firmware
NVD
CVSS 3.1
7.5
EPSS
1.8%
CVE-2019-12388 HIGH This Week

Anviz access control devices perform cleartext transmission of sensitive information (passwords/pins and names) when replying to query on port tcp/5010. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Anviz Firmware
NVD
CVSS 3.1
7.5
EPSS
0.8%
EPSS 2% CVSS 9.8
CRITICAL Act Now

Anviz access control devices allow remote attackers to issue commands without a password. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Anviz Firmware
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

Anviz access control devices expose private Information (pin code and name) by allowing remote attackers to query this information without credentials via port tcp/5010. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Anviz Firmware
NVD
EPSS 2% CVSS 7.5
HIGH This Week

Anviz access control devices expose credentials (names and passwords) by allowing remote attackers to query this information without credentials via port tcp/5010. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Anviz Firmware
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Anviz access control devices perform cleartext transmission of sensitive information (passwords/pins and names) when replying to query on port tcp/5010. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Anviz Firmware
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy