Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
FaceSentry Access Control System 6.4.8 Cross-Site Request Forgery via Web Interface
Vulnerability Description
FaceSentry Access Control System 6.4.8 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without user consent. Attackers can craft malicious web pages to change administrator passwords, add new admin users, or open access control doors by tricking authenticated users into loading a specially crafted webpage.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Vulnerability Type
跨站请求伪造(CSRF)
Vulnerability Title
iWT FaceSentry Access Control System 安全漏洞
Vulnerability Description
iWT FaceSentry Access Control System是iWT开源的一个应用软件。提供一个访问控制功能。 iWT FaceSentry Access Control System 6.4.8版本存在安全漏洞,该漏洞源于容易受到跨站请求伪造攻击,可能导致执行管理操作。
CVSS Information
N/A
Vulnerability Type
N/A