I

Iwt Security Vulnerabilities (CVE)

Explore vulnerabilities and security advisories affecting Iwt products.

3 known CVE vulnerabilities tracked

Critical
1
High
1
Medium
1
Low
0
None
0

Vulnerabilities By Year

3
2025

Products Affected

Facesentry Access Control System Firmware 3

All Iwt CVEs

Recent Highest Score Oldest
CVE-2019-25243
8.8 high

FaceSentry 6.4.8 contains an authenticated remote command injection vulnerability in pingTest.php and tcpPortTest.php scripts. Attackers can exploit unsanitized input parameters to inject and execute arbitrary shell commands with root privileges by manipulating the 'strInIP' and 'strInPort' paramete

Facesentry Access Control System Firmware Dec 24, 2025
CVE-2019-25242
4.3 medium

FaceSentry Access Control System 6.4.8 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without user consent. Attackers can craft malicious web pages to change administrator passwords, add new admin users, or open access control doors by tri

Facesentry Access Control System Firmware Dec 24, 2025
CVE-2019-25241
9.8 critical

FaceSentry Access Control System 6.4.8 contains a critical authentication vulnerability with hard-coded SSH credentials for the wwwuser account. Attackers can leverage the insecure sudoers configuration to escalate privileges and gain root access by executing sudo commands without authentication.

Facesentry Access Control System Firmware Dec 24, 2025