2 matches found
CVE-2018-16286
LG SuperSign CMS suffers an authentication bypass: if a captcha:pass cookie is present and the PIN is limited to four digits, CAPTCHA is skipped and access can be gained without proper authentication. Multiple sources (NVD/NVD-derived records and CNVD) describe this flaw and its impact; CVSS metr...
CVE-2018-16286
LG SuperSign CMS allows authentication bypass because the CAPTCHA requirement is skipped if a captcha:pass cookie is sent, and because the PIN is limited to four digits...