Kentix MultiSensor-LAN 5.63.00 Authentication Bypass
Posted by deepcore on January 19, 2019 – 9:51 am
Kentix MultiSensor-LAN versions 5.63.00 and below suffer from an authentication bypass vulnerability. The web based application is not using a usual session concept with a session cookie for managing authenticated user sessions. Some URLs are protected with HTTP Basic Authentication, but the user management web page can be accessed and used without any authentication.
Post a reply
You must be logged in to post a comment.