We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.
Please see our statement on Data Privacy.
The application uses several hard-coded credentials to encrypt config files during backup, to decrypt the new firmware during an update and some passwords allow a direct connection to the database server of the affected device.
Reserved 2024-03-05 | Published 2024-12-12 | Updated 2024-12-13 | Assigner SEC-VLabCWE-798 Use of Hard-coded Credentials
Daniel Hirschberger (SEC Consult Vulnerability Lab)
Tobias Niemann (SEC Consult Vulnerability Lab)
r.sec-consult.com/imageaccess
www.imageaccess.de/?page=SupportPortal&lang=en
Support options