CVE-2018-25134 Synaccess netBooter NP-02x/NP-08x 6.8 Authentication Bypass via webNewAcct.cgi

Synaccess netBooter NP-02x/NP-08x 6.8 contains an authentication bypass vulnerability in the webNewAcct.cgi script that allows unauthenticated attackers to create admin user accounts. Attackers can exploit the missing control check by sending crafted POST requests to create administrative account...

CVE-2018-25134

CVE-2018-25134 affects Synaccess netBooter NP-02x/NP-08x (version 6.8) and is caused by an authentication bypass in the webNewAcct.cgi script. This allows unauthenticated attackers to craft POST requests that create admin user accounts, enabling unauthorized control over power‑supply management. ...

Synaccess netBooter NP-02x和Synaccess netBooter NP-08x 安全漏洞

The Synaccess netBooter NP-02x and Synaccess netBooter NP-08x are both products of Synaccess Corporation, U.S.A. The Synaccess netBooter NP-02x is an Intelligent Power Distribution unit.The Synaccess netBooter NP-08x is an intelligent power controller. A security vulnerability exists in Synaccess...

Synaccess netBooter NP-02x / NP-08x 6.8 Authentication Bypass

Synaccess netBooter NP-02x/NP-08x 6.8 Authentication Bypass Vendor: Synaccess Networks Inc. Product web page: https://www.synaccess-net.com Affected version: NP-0201D ver 6.8C NP-02 ver 6.5C NP-02 ver 6.4BC NP-0801D ver 6.4A NP-08 ver 6.10 NP-02 ver 5.53BC Summary: netBooter NP-02B and NP-02BH...