2 matches found
CVE-2006-2531
CVE-2006-2531 affects Ipswitch WhatsUp Professional (2006). The flaw enables an unauthenticated remote attacker to bypass authentication by spoofing HTTP headers, specifically setting User-Agent to “Ipswitch/1.0” and User-Application to “NmConsole.” The root cause is that authentication relies on...
CVE-2006-0911
CVE-2006-0911 affects Ipswitch WhatsUp Professional 2006. The vulnerable component is NmService.exe handling requests to Login.asp. The underlying issue is triggered by crafted requests that use the parameters (1) "In]" and (2) "b;tnLogIn", or (3) malformed btnLogIn, potentially involving missing...