6 matches found
CVE-2021-44032
TP-Link Omada SDN Software Controller before 5.0.15 does not check if the authentication method specified in a connection request is allowed. An attacker can bypass the captive portal authentication process by using the downgraded "no authentication" method, and access the protected network. For...
CVE-2021-37421
Zoho ManageEngine ADSelfService Plus 6103 and prior is vulnerable to admin portal access-restriction bypass...
zoho manageengine adselfservice plus 数据伪造问题漏洞
ZOHO zoho manageengine adselfservice plus is a web-based end-user password management software from ZOHO. zoho ManageEngine ADSelfService Plus 6103 and earlier versions are vulnerable to an access control error that could be exploited by an attacker via the X The vulnerability can be exploited to...
Cybozu Garoon 安全漏洞
An operational restriction bypass vulnerability exists in the Portal of Cybozu Garoon, a portal-based OA office system of Cybozu Japan. An attacker can use this vulnerability to change the data of the portal without proper privileges...
CVE-2014-8356
The web administrative portal in Zhone zNID 2426A before S3.0.501 allows remote authenticated users to bypass intended access restrictions via a modified server response, related to an insecure direct object reference...
Cisco Elastic Services Controller Software Authentication Bypass Vulnerability
Cisco Elastic Services Controller Software ESC is the U.S. Cisco Cisco, a set of open source for the management of virtual resources modular system. An authentication bypass vulnerability exists in the authentication feature of the Web-based business portal in Cisco Elastic ESC version 3.0.0, whi...