Synaccess netBooter NP-02x / NP-08x 6.8 Authentication Bypass

Posted by deepcore on November 20, 2018 – 10:21 pm

Synaccess netBooter NP-02x and NP-08x version 6.8 suffer from an authentication bypass vulnerability due to a missing control check when calling the webNewAcct.cgi script while creating users. This allows an unauthenticated attacker to create an admin user account and bypass authentication giving her the power to turn off a power supply to a resource.

This post is under “exploit” and has no respond so far.
If you enjoy this article, make sure you subscribe to my RSS Feed.

Post a reply

You must be logged in to post a comment.

« Synaccess netBooter NP-0801DU 7.4 Cross Site Request Forgery Microsoft Edge Chakra OP_Memset Type Confusion »

:: Deepquest ::

This site contains information which could be considered illegal in some countries. It is provided here for educational use only and is not intended to be used for illegal activities.

Synaccess netBooter NP-02x / NP-08x 6.8 Authentication Bypass

Post a reply

Tabs Switcher

Categories

Archives

Meta

BLOGROLL