Описание
Some Navarino Infinity functions, up to version 2.2, placed in the URL can bypass any authentication mechanism leading to an information leak.
Some Navarino Infinity functions, up to version 2.2, placed in the URL can bypass any authentication mechanism leading to an information leak.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2018-5386
- https://medium.com/@evstykas/pwning-ships-vsat-for-fun-and-profit-ba0fe9f42fb3
- https://packetstormsecurity.com/files/146506/Navarino-Infinity-Blind-SQL-Injection-Session-Fixation.html
- https://www.kb.cert.org/vuls/id/184077
- http://www.securityfocus.com/bid/103544
Связанные уязвимости
CVSS3: 7.5
nvd
больше 7 лет назад
Some Navarino Infinity functions, up to version 2.2, placed in the URL can bypass any authentication mechanism leading to an information leak.