CNNVD-202601-4403 Information
CNNVD ID
CNNVD-202601-4403
Related CVE
- CNNVD Published: 2026-01-26
Description (Chinese)
Dormakaba exos 9300是美国Dormakaba公司的一个出入库控制与安全管理系统。 Dormakaba exos 9300存在安全漏洞,该漏洞源于SOAP API无需身份验证,可能导致创建任意访问日志事件或查询已注册芯片卡关联的2FA PIN。
Description (English)
Dormakaba exos 9,300 is a United States company, Dormakaba, for access control and security management. There is a security loophole in Dormakaba exos 9300, which stems from the fact that SOAP API does not require authentication, which could lead to the creation of an arbitrary access log event or a search for 2FA PIN associated with a registered chip card.
Hazard Level
Low
Vulnerability Type
其他
Affected Vendor
Dormakaba
Published
2026-01-26
Last Modified
2026-02-24
References
https://r.sec-consult.com/dkexos https://r.sec-consult.com/dormakaba https://www.dormakabagroup.com/en/security-advisories https://access.redhat.com/security/cve/cve-2025-59090
Patch
https://www.dormakabagroup.com/en/security-advisories
Share on: