exploitDog

GHSA-g894-3pcr-4hv9

Опубликовано: 01 апр. 2026

Источник: github

Github: Не прошло ревью

CVSS3: 8.2

Описание

Improper authentication in the OAuth login functionality in Devolutions Server 2026.1.11 and earlier allows a remote attacker with valid credentials to bypass multi-factor authentication via a crafted login request.

Improper authentication in the OAuth login functionality in Devolutions Server 2026.1.11 and earlier allows a remote attacker with valid credentials to bypass multi-factor authentication via a crafted login request.

Ссылки

EPSS

Процентиль: 13%

0.00042

Низкий

8.2 High

CVSS3

CVE ID

Дефекты

CWE-1390

Связанные уязвимости

CVE-2026-4828

CVSS3: 8.2

nvd

7 дней назад

Improper authentication in the OAuth login functionality in Devolutions Server 2026.1.11 and earlier allows a remote attacker with valid credentials to bypass multi-factor authentication via a crafted login request.

EPSS

Процентиль: 13%

0.00042

Низкий

8.2 High

CVSS3

CVE ID

Дефекты

CWE-1390