2 matches found
CVE-2021-38167
Roxy-WI through 5.2.2.0 allows SQL Injection via checklogin. An unauthenticated attacker can extract a valid uuid to bypass authentication...
CVE-2021-38167
The CVE-2021-38167 issue affects Roxy-WI up to version 5.2.2.0, where a SQL Injection vulnerability in the check_login flow can allow an unauthenticated attacker to extract a valid uuid and bypass authentication. Affected component: Roxy-WI web interface; root cause: improper handling of login in...