3 matches found
CVE-2016-6603
ZOHO WebNMS Framework 5.2 and 5.2 SP1 allows remote attackers to bypass authentication and impersonate arbitrary users via the UserName HTTP header...
CVE-2016-6603
CVE-2016-6603 affects ZOHO WebNMS Framework 5.2 and 5.2 SP1. The vulnerability allows remote attackers to bypass authentication and impersonate arbitrary users by sending a manipulated UserName HTTP header, enabling session hijacking via the GetChallengeServlet in WebNMS. Multiple connected sourc...
WebNMS Framework 5.2SP1 Login Bypass
Summary WebNMS is an industry-leading used to build network management applications architecture. By submitting a custom headers parameter can directly obtain the session Cookie, skip login authentication. Vulnerability details Submit the following Get request HTTP header, add a UserName specify ...