Описание
Smartwares HOME easy 1.0.9 contains an authentication bypass vulnerability that allows unauthenticated attackers to access administrative web pages by disabling JavaScript. Attackers can navigate to multiple administrative endpoints and to bypass client-side validation and access sensitive system information.
EPSS
Процентиль: 53%
0.00296
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-639
Связанные уязвимости
CVSS3: 9.8
github
около 1 месяца назад
Smartwares HOME easy 1.0.9 contains an authentication bypass vulnerability that allows unauthenticated attackers to access administrative web pages by disabling JavaScript. Attackers can navigate to multiple administrative endpoints and to bypass client-side validation and access sensitive system information.
EPSS
Процентиль: 53%
0.00296
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-639