TTLock devices do not properly restrict password-reset attempts, leading to incorrect access control and disclosure of sensitive information about valid account names.
Max CVSS
8.1
EPSS Score
0.25%
Published
2019-09-10
Updated
2019-09-12
TTLock devices do not properly block guest access in certain situations where the network connection to the cloud is unavailable.
Max CVSS
6.5
EPSS Score
0.06%
Published
2019-09-10
Updated
2020-08-24
2 vulnerabilities found