Vulnerabilities > Anviz > Anviz Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-12-02 | CVE-2019-12392 | Missing Authentication for Critical Function vulnerability in Anviz Firmware Anviz access control devices allow remote attackers to issue commands without a password. | 9.8 |
| 2019-12-02 | CVE-2019-12390 | Missing Authentication for Critical Function vulnerability in Anviz Firmware Anviz access control devices expose private Information (pin code and name) by allowing remote attackers to query this information without credentials via port tcp/5010. | 5.3 |
| 2019-12-02 | CVE-2019-12389 | Missing Authentication for Critical Function vulnerability in Anviz Firmware Anviz access control devices expose credentials (names and passwords) by allowing remote attackers to query this information without credentials via port tcp/5010. | 7.5 |
| 2019-12-02 | CVE-2019-12388 | Cleartext Transmission of Sensitive Information vulnerability in Anviz Firmware Anviz access control devices perform cleartext transmission of sensitive information (passwords/pins and names) when replying to query on port tcp/5010. | 7.5 |