VYPR

Infinias Access Control

by 3xLogic

CVEs (2)

  • CVE-2021-41847HigOct 1, 2021
    risk 0.57cvss 8.8epss 0.02

    An issue was discovered in 3xLogic Infinias Access Control through 6.7.10708.0, affecting physical security. Users with login credentials assigned to a specific zone can send modified HTTP GET and POST requests, allowing them to view user data such as personal information and…

  • CVE-2019-18651MedNov 14, 2019
    risk 0.42cvss 6.5epss 0.01

    A cross-site request forgery (CSRF) vulnerability in 3xLogic Infinias Access Control through 6.6.9586.0 allows remote attackers to execute malicious and unauthorized actions (e.g., delete application users) by sending a crafted HTML document or encoded URL to a user that the…