iDS6 DSSPro Digital Signage System 6.2 CAPTCHA Security Bypass

Posted by deepcore on November 6, 2020 – 7:06 pm

The CAPTCHA function for iDS6 DSSPro Digital Signage System version 6.2 is prone to a security bypass vulnerability that occurs in the CAPTCHA authentication routine. By requesting the autoLoginVerifyCode object an attacker can receive a JSON message code and successfully bypass the CAPTCHA-based authentication challenge and perform brute-force attacks.

This post is under “exploit” and has no respond so far.
If you enjoy this article, make sure you subscribe to my RSS Feed.

Post a reply

You must be logged in to post a comment.

« iDS6 DSSPro Digital Signage System 6.2 Privilege Escalation iDS6 DSSPro Digital Signage System 6.2 Cross Site Request Forgery »

:: Deepquest ::

This site contains information which could be considered illegal in some countries. It is provided here for educational use only and is not intended to be used for illegal activities.

iDS6 DSSPro Digital Signage System 6.2 CAPTCHA Security Bypass

Post a reply

Tabs Switcher

Categories

Archives

Meta

BLOGROLL