CNNVD-202512-5534 Information

Dec 31, 2025 cve

CNNVD ID

CNNVD-202512-5534

CVE-2021-47743

CNNVD Published: 2025-12-31

Description (Chinese)

COMMAX Biometric Access Control System是韩国COMMAX公司的一个生物识别门禁系统。 COMMAX Biometric Access Control System 1.0.0版本存在跨站脚本漏洞，该漏洞源于cookie参数CMX_ADMIN_NM和CMX_COMPLEX_NM存在未经验证的反射型跨站脚本，可能导致攻击者执行任意脚本。

Description (English)

COMMAX Biometric Access Control Systems is a biometric door-ban system for COMMAX in Korea. The version COMMAX Biometric Access Control System 1.0.0 has a cross-site script loophole, which stems from the existence of unverified reflector-type cross-station scripts in the cookies parameter CMX ADMIN NM and CMX COMPLEX NM, which may result in the assailants executing any of the scripts.

Hazard Level

High

Vulnerability Type

跨站脚本

Affected Vendor

COMMAX

Published

2025-12-31

Last Modified

2026-02-24

References

https://cxsecurity.com/issue/WLB-2021080063 https://exchange.xforce.ibmcloud.com/vulnerabilities/207578 https://packetstormsecurity.com/files/163834 https://www.commax.com/ https://www.vulncheck.com/advisories/commax-biometric-access-control-system-reflected-xss-via-cookie-parameters https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5660.php

Share on: