Security Advisory

CVE-2019-25279

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-01-07 23:10:00
Last updated 2026-07-15 01:23:45
Assigner VulnCheck
State PUBLISHED

Description

FaceSentry Access Control System 6.4.8 contains a cleartext password storage vulnerability that allows attackers to access unencrypted credentials in the devices SQLite database. Attackers can directly read sensitive login information stored in /faceGuard/database/FaceSentryWeb.sqlite without additional authentication.