Vulnerability in N/a
CVE-2018-7739
antsle antman before 0.9.1a allows remote attackers to bypass authentication via invalid characters in the username and password parameters, as demonstrated by a username=>&password=%0a string to the /login URI. This allows obtaining root…
EPSS: 0.546 (98.9th percentile) — read the EPSS interpretation.
Affected products
- N/a — versions n/a
References
- 44262 (exploit, x_refsource_EXPLOIT-DB)
- blog.codecatoctin.com/2018/02/antman-authentication-bypass.html (x_refsource_MISC)
- 44220 (exploit, x_refsource_EXPLOIT-DB)