Ttlock
Monthly
TTLock devices do not properly restrict password-reset attempts, leading to incorrect access control and disclosure of sensitive information about valid account names. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
TTLock devices do not properly block guest access in certain situations where the network connection to the cloud is unavailable. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
TTLock devices do not properly restrict password-reset attempts, leading to incorrect access control and disclosure of sensitive information about valid account names. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
TTLock devices do not properly block guest access in certain situations where the network connection to the cloud is unavailable. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.