cve/2018/CVE-2018-17486.md

### [CVE-2018-17486](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17486)
![](https://img.shields.io/static/v1?label=Product&message=Lobby%20Track%20Desktop&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Bypass%20Security&color=brighgreen)

### Description

Lobby Track Desktop could allow a local attacker to bypass security restrictions, caused by an error in the find visitor function while in kiosk mode. By visiting the kiosk and selecting find visitor, an attacker could exploit this vulnerability to delete visitor records or remove a host.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/nutc4k3/amazing-iot-security
Update Sun May 26 14:27:04 CEST 2024 2024-05-26 14:27:05 +02:00			`### [CVE-2018-17486](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17486)`
			`![](https://img.shields.io/static/v1?label=Product&message=Lobby%20Track%20Desktop&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=Bypass%20Security&color=brighgreen)`

			`### Description`

			`Lobby Track Desktop could allow a local attacker to bypass security restrictions, caused by an error in the find visitor function while in kiosk mode. By visiting the kiosk and selecting find visitor, an attacker could exploit this vulnerability to delete visitor records or remove a host.`

			`### POC`

			`#### Reference`
			`No PoCs from references.`

			`#### Github`
			`- https://github.com/nutc4k3/amazing-iot-security`