VYPR

Infinias eIDC32

by 3xLogic

CVEs (3)

  • CVE-2020-11542CriApr 4, 2020
    risk 0.64cvss 9.8epss 0.01

    3xLOGIC Infinias eIDC32 2.213 devices with Web 1.107 allow Authentication Bypass via CMD.HTM?CMD= because authentication depends on the client side's interpretation of the MYKEY substring.

  • CVE-2021-41847HigOct 1, 2021
    risk 0.57cvss 8.8epss 0.02

    An issue was discovered in 3xLogic Infinias Access Control through 6.7.10708.0, affecting physical security. Users with login credentials assigned to a specific zone can send modified HTTP GET and POST requests, allowing them to view user data such as personal information and…

  • CVE-2020-12681HigJul 26, 2021
    risk 0.49cvss 7.5epss 0.01

    Missing TLS certificate validation on 3xLogic Infinias eIDC32 devices through 3.4.125 allows an attacker to intercept/control the channel by which door lock policies are applied.