3 matches found
CVE-2022-32768
Multiple authentication bypass vulnerabilities exist in the objects id handling functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request by an authenticated user can lead to unauthorized access and takeover of resources. An attacker can send an HTTP reque...
CVE-2022-32768
CVE-2022-32768 affects WWBN AVideo 11.6 and dev master (commit 3f7c0364) with authentication bypass in the Live Schedules plugin. A authenticated user can guess/sequenced-id objects to takeover or modify another user’s streams by sending crafted requests (e.g., adding live schedules) due to inade...
CVE-2022-32768
Multiple authentication bypass vulnerabilities exist in the objects id handling functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request by an authenticated user can lead to unauthorized access and takeover of resources. An attacker can send an HTTP reque...