Commax Co Ltd Commax Biometric Access Control System vulnerabilities
2 known vulnerabilities affecting commax_co_ltd/commax_biometric_access_control_system.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2021-47706P2HIGHCVSS 8.7v1.0.02025-12-09
CVE-2021-47706 [HIGH] CWE-565 CVE-2021-47706: COMMAX Biometric Access Control System 1.0.0 contains an authentication bypass vulnerability that al
COMMAX Biometric Access Control System 1.0.0 contains an authentication bypass vulnerability that allows unauthenticated attackers to access sensitive information and circumvent physical controls in smart homes and buildings by exploiting cookie poisoning. Attackers can forge cookies to bypass authentication and disclose sensitive information.
nvd
CVE-2021-47743P4MEDIUMCVSS 6.1v1.0.02025-12-31
CVE-2021-47743 [MEDIUM] CWE-79 CVE-2021-47743: COMMAX Biometric Access Control System 1.0.0 contains an unauthenticated reflected cross-site script
COMMAX Biometric Access Control System 1.0.0 contains an unauthenticated reflected cross-site scripting vulnerability in cookie parameters 'CMX_ADMIN_NM' and 'CMX_COMPLEX_NM'. Attackers can inject malicious HTML and JavaScript code into these cookie values to execute arbitrary scripts in a victim's browser session.
nvd