Hard-coded Credential Vulnerability in Taiwan Secom Dr.ID Access Control System

Hard-coded Credential Vulnerability in Taiwan Secom Dr.ID Access Control System

CVE-2022-26671 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Taiwan Secom Dr.ID Access Control system’s login page has a hard-coded credential in the source code. An unauthenticated remote attacker can use the hard-coded credential to acquire partial system information and modify system setting to cause partial disrupt of service.

Learn more about our Web Application Penetration Testing UK.