Subscribe via feed.

SOYAL Biometric Access Control System 5.0 Master Code Disclosure

Posted by deepcore on March 20, 2021 – 5:32 pm

The controller in SOYAL Biometric Access Control System version 5.0 suffers from a cleartext transmission of sensitive information. This allows interception of the HTTP traffic and disclose the Master code and the Arming code via a man-in-the-middle attack. An attacker can obtain these codes to enter into the controller’s Programming mode and bypass physical security controls in place.


This post is under “exploit” and has no respond so far.
If you enjoy this article, make sure you subscribe to my RSS Feed.

Post a reply

You must be logged in to post a comment.