CNNVD-202510-284 Information
CNNVD ID
CNNVD-202510-284
Related CVE
- CNNVD Published: 2025-10-02
Description (Chinese)
Flock Safety Pisco是美国Flock Safety公司的一个后台认证模块。 Flock Safety Pisco 6.21.11版本存在安全漏洞,该漏洞源于代码库中包含明文Auth0客户端密钥,可能导致密钥泄露。
Description (English)
Flock Safety Pisco is a back-office certification module for the United States company Flock Safety. There is a security loophole in version 6.21.11 of Flock Safety Pisco, which arises from the inclusion of the specified Auth0 client key in the code library, which may lead to the disclosure of the key.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Flock Safety
Published
2025-10-02
Last Modified
2026-02-24
References
https://gainsec.com/2025/09/27/fly-by-device-2-the-falcon-sparrow-gated-wireless-rce-camera-feed-dos-information-disclosure-and-more/ https://gainsec.com/wp-content/uploads/2025/09/Root-from-the-Coop-Device-3_-Root-Shell-on-Flock-Safetys-Bravo-Compute-Box-GainSec.pdf https://www.flocksafety.com/products https://www.flocksafety.com/products/license-plate-readers
Share on: