漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
Some "Stored Value" Unattended Payment Solutions of KioSoft use vulnerable NFC cards. Attackers could potentially use this vulnerability to change the balance on the cards and generate money. The account balance is stored on an insecure MiFare Classic NFC card and can be read and written back. By carefully observing changes in card dumps, one can identify fields that store the cash value of the card. Additionally, a checksum can be identified, which is created by XOR-ing the cash and an unknown field with a certain value. By updating the fields accordingly, arbitrary amounts of money can be loaded onto the card (up to $655,35) to pay for goods.
CVSS Information
N/A
Vulnerability Type
敏感信息的不安全存储
Vulnerability Title
KioSoft Stored Value Unattended Payment Solutions 安全漏洞
Vulnerability Description
KioSoft Stored Value Unattended Payment Solutions是美国KioSoft公司的一款自助支付解决方案。 KioSoft Stored Value Unattended Payment Solutions存在安全漏洞,该漏洞源于使用不安全的MiFare Classic NFC卡存储账户余额,可能导致攻击者修改卡内余额并生成资金。
CVSS Information
N/A
Vulnerability Type
N/A