5 matches found
CVE-2023-38324
An issue was discovered in OpenNDS before 10.1.2. It allows users to skip the splash page sequence and directly authenticate when it is using the default FAS key and OpenNDS is configured as FAS. Affected OpenNDS Captive Portal before version 10.1.2 fixed in OpenWrt master, OpenWrt 23.05 and...
OpenNDS Security Vulnerabilities
openNDS is openNDS open source a high performance, small footprint portal system. A security vulnerability exists in OpenNDS prior to version 10.1.3 that stems from an inability to clean up a FAS key entry in a configuration file, allowing an attacker with direct or indirect access to the file to...
PT-2024-12710 · Opennds +1 · Opennds +1
Name of the Vulnerable Software and Affected Versions: OpenNDS versions prior to 10.1.3 Description: An issue was discovered in OpenNDS where it fails to sanitize the FAS key entry in the configuration file. This allows attackers with direct or indirect access to the configuration file to execute...
CVE-2023-38324
An issue was discovered in OpenNDS before 10.1.2. It allows users to skip the splash page sequence and directly authenticate when it is using the default FAS key and OpenNDS is configured as FAS. Affected OpenNDS Captive Portal before version 10.1.2 fixed in OpenWrt master, OpenWrt 23.05 and...
CVE-2023-38324
An issue was discovered in OpenNDS before 10.1.2. It allows users to skip the splash page sequence and directly authenticate when it is using the default FAS key and OpenNDS is configured as FAS. Affected OpenNDS Captive Portal before version 10.1.2 fixed in OpenWrt master, OpenWrt 23.05 and...