Improper validation of the cloud certificate chain in Mobile Client allows man-in-the-middle attack to impersonate the legitimate Command Centre Server. This issue affects: Gallagher Command Centre Mobile Client for Android 8.60 versions prior to 8.60.065; version 8.50 and prior versions.
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:HGallagher Command Centre Mobile Client
APPGallagher≤ 8.508.60 – 8.60.065 (bez)
Related vulnerabilities
Gallagher Command Centre: niechronione dane uwierzytelniające integracji DVR
A SQL Injection vulnerability in the OPCUA interface of Gallagher Command Centre allows a remote unprivileged ...
Improper Authorization vulnerability in Gallagher Command Centre Server allows command line macros to be modif...
It is possible to enumerate access card credentials via an unauthenticated network connection to the server in...
In Gallagher Command Centre versions 8.10 prior to 8.10.1134(MR4), 8.00 prior to 8.00.1161(MR5), 7.90 prior to...