IDenticard PremiSys Hardcoded Backdoor Account (CVE-2019-3906)

Hardcoded Backdoor Account exist in the IDenticard PremiSys. The vulnerability is due to service contains hardcoded credentials. Successful exploitation can allow admin access to the service via the Premisys WCF Service endpoint.

You can read the full article here.