CNNVD-202512-4267 Information

CNNVD ID

CNNVD-202512-4267

Related CVE

CVE-2019-25241

• CNNVD Published: 2025-12-24

Description (Chinese)

iWT FaceSentry Access Control System是iWT开源的一个应用软件。提供一个访问控制功能。 iWT FaceSentry Access Control System 6.4.8版本存在安全漏洞，该漏洞源于存在硬编码SSH凭据和sudoers配置不当，可能导致权限提升和获取root访问权限。

Description (English)

iWT FaceSentry Access Control System is an iWT open source application. Provides a access control function. iWT FaceSentry Access Control System version 6.4.8 contains a security loophole, which stems from the existence of hard-coded SSH certificates and improper configuration of sudores, which may lead to enhanced privileges and access to root.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

iWT

Published

2025-12-24

Last Modified

2026-02-24

References

http://www.iwt.com.hk https://www.exploit-db.com/exploits/47067 https://www.zeroscience.mk/en/vulnerabilities/ZSL-2019-5526.php