CVE-2019-25279 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

FaceSentry Access Control System 6.4.8 contains a cleartext password storage vulnerability that allows attackers to access unencrypted credentials in the device…
Medium CVSS: 6.8

CVE-2019-25279

FaceSentry Access Control System 6.4.8 contains a cleartext password storage vulnerability that allows attackers to access unencrypted credentials in the device's SQLite database. Attackers can directly read sensitive login information stored in /faceGuard/database/FaceSentryWeb.sqlite without additional authentication.
Vendor
Iwt
Product
Facesentry Access Control System Firmware
CWE
CWE-312
Yayın Tarihi
2026-01-08 00:15:58
Güncelleme
2026-01-16 19:16:06
Source Identifier
disclosure@vulncheck.com
KEV Date Added
-

Kategoriler

CWE-312 Facesentry Access Control System Firmware MEDIUM Iwt 2026

Referanslar

https://exchange.xforce.ibmcloud.com/vulnerabilities/163190 https://packetstormsecurity.com/files/153501 https://www.zeroscience.mk/en/vulnerabilities/ZSL-2019-5529.php