7 matches found
CVE-2023-5074
Use of a static key to protect a JWT token used in user authentication can allow an for an authentication bypass in D-Link D-View 8 v2.0.1.28...
D-Link D-View 8 Hard-coded JWT Key (CVE-2023-5074)
Binary data dlinkdview8staticjwtkey.nbin...
CVE-2023-5074
creationtimestamp| type| source ---|---|--- 2023-09-20 20:30:18+00:00| seen| https://t.me/cibsecurity/70807 2023-09-30 02:04:21+00:00| published-proof-of-concept| https://t.me/codeb0ss/1195 2023-10-01 12:50:40+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/9121 2023-10-...
CVE-2023-5074
Use of a static key to protect a JWT token used in user authentication can allow an for an authentication bypass in D-Link D-View 8 v2.0.1.28...
CVE-2023-5074 Authentication Bypass in D-Link D-View 8
Use of a static key to protect a JWT token used in user authentication can allow an for an authentication bypass in D-Link D-View 8 v2.0.1.28...
CVE-2023-5074
CVE-2023-5074 affects D-Link D-View 8, specifically version 2.0.1.28, where a static key protects the JWT used for user authentication. This design enables an authentication bypass risk by forging or manipulating tokens, effectively allowing unauthorized access to D-View 8 systems. The relevant c...
CVE-2023-5074 Authentication Bypass in D-Link D-View 8
Use of a static key to protect a JWT token used in user authentication can allow an for an authentication bypass in D-Link D-View 8 v2.0.1.28...