Home / os / winxp

Synaccess netBooter NP-02x / NP-08x 6.8 Authentication Bypass

Posted on 19 November 2018

Synaccess netBooter NP-02x and NP-08x version 6.8 suffer from an authentication bypass vulnerability due to a missing control check when calling the webNewAcct.cgi script while creating users. This allows an unauthenticated attacker to create an admin user account and bypass authentication giving her the power to turn off a power supply to a resource.

 

TOP

Malware :

Exploits :