Описание
Smartwares HOME easy 1.0.9 contains an authentication bypass vulnerability that allows unauthenticated attackers to access administrative web pages by disabling JavaScript. Attackers can navigate to multiple administrative endpoints and to bypass client-side validation and access sensitive system information.
EPSS
Процентиль: 54%
0.00313
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-639
Связанные уязвимости
CVSS3: 9.8
github
4 месяца назад
Smartwares HOME easy 1.0.9 contains an authentication bypass vulnerability that allows unauthenticated attackers to access administrative web pages by disabling JavaScript. Attackers can navigate to multiple administrative endpoints and to bypass client-side validation and access sensitive system information.
EPSS
Процентиль: 54%
0.00313
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-639