Control Id Idsecure vulnerabilities
2 known vulnerabilities affecting control_id/idsecure.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
1
Severity breakdown
CRITICAL1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2023-6329P1CRITICALCVSS 9.8ExploitedPoCv4.7.32.02023-11-27
CVE-2023-6329 [CRITICAL] CWE-287 CVE-2023-6329: An authentication bypass vulnerability exists in Control iD iDSecure v4.7.32.0. The login routine us
An authentication bypass vulnerability exists in Control iD iDSecure v4.7.32.0. The login routine used by iDS-Core.dll contains a "passwordCustom" option that allows an unauthenticated attacker to compute valid credentials that can be used to bypass authentication and act as an administrative user.
nvd
CVE-2023-2044P4MEDIUMCVSS 6.1v4.7.29.12023-04-14
CVE-2023-2044 [MEDIUM] CWE-79 CVE-2023-2044: A vulnerability has been found in Control iD iDSecure 4.7.29.1 and classified as problematic. This v
A vulnerability has been found in Control iD iDSecure 4.7.29.1 and classified as problematic. This vulnerability affects unknown code of the component Dispositivos Page. The manipulation of the argument IP-DNS leads to cross site scripting. The attack can be initiated remotely. VDB-225922 is the identifier assigned to this vulnerability. NOTE: The vend
nvd