CVEs-PoC/2019/CVE-2019-11523.md at b0e96c877abb080d7cf221c036336480ff266ccf

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-05-09 15:15:46 +02:00

Files

T

0xMarcio 6100550298 Update CVE sources 2024-06-22 09:37

2024-06-22 09:37:59 +00:00

Description

Anviz Global M3 Outdoor RFID Access Control executes any command received from any source. No authentication/encryption is done. Attackers can fully interact with the device: for example, send the "open door" command, download the users list (which includes RFID codes and passcodes in cleartext), or update/create users. The same attack can be executed on a local network and over the internet (if the device is exposed on a public IP address).

POC

Reference

https://github.com/wizlab-it/anviz-m3-rfid-cve-2019-11523-poc

Github

https://github.com/0xT11/CVE-POC
https://github.com/developer3000S/PoC-in-GitHub
https://github.com/hectorgie/PoC-in-GitHub
https://github.com/wizlab-it/anviz-m3-rfid-cve-2019-11523-poc

1.1 KiB Raw Blame History

CVE-2019-11523

Description

POC

Reference

Github

1.1 KiB

Raw Blame History