Vulnerability in Opennds Captive_portal
CVE-2023-38324
An issue was discovered in OpenNDS before 10.1.2. It allows users to skip the splash page sequence (and directly authenticate) when it is using the default FAS key and OpenNDS is configured as FAS. Affected OpenNDS Captive Portal before ve…
EPSS: 0.007 (48.0th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 5.3 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N.
Affected products
- Opennds Captive_portal
- N/a — versions n/a
References
- cve@mitre.org
- cve@mitre.org (Release Notes, Vendor Advisory)
- cve@mitre.org
- cve@mitre.org
- cve@mitre.org
- cve@mitre.org
- cve@mitre.org
Frequently asked questions
- What is CVE-2023-38324?
- CVE-2023-38324 is a medium-severity vulnerability in Opennds Captive_portal. CVSS score: 5.3/10. Published 2023-11-17.
- How severe is CVE-2023-38324?
- Medium severity. CVSS v3 base score is 5.3 out of 10.