Opennds Captive_portal

7 CVEs affecting Opennds Captive_portal. Latest disclosed: 2023-11-17. Critical: 1, High: 4.

Top CVEs affecting Opennds Captive_portal
CVESeverityScorePublishedSummary
CVE-2023-38316Critical9.82023-11-17An issue was discovered in OpenNDS Captive Portal before version 10.1.2. When the custom unescape callback is enabled, attackers can execute arbitrary OS comma…
CVE-2023-38322High7.52023-11-17An issue was discovered in OpenNDS Captive Portal before version 10.1.2. It has a do_binauth NULL pointer dereference that be triggered with a crafted GET HTTP…
CVE-2023-38320High7.52023-11-17An issue was discovered in OpenNDS Captive Portal before version 10.1.2. It has a show_preauthpage NULL pointer dereference that can be triggered with a crafte…
CVE-2023-38315High7.52023-11-17An issue was discovered in OpenNDS Captive Portal before version 10.1.2. It has a try_to_authenticate NULL pointer dereference that can be triggered with a cra…
CVE-2023-38313High7.52023-11-17An issue was discovered in OpenNDS Captive Portal before 10.1.2. it has a do_binauth NULL pointer dereference that can be triggered with a crafted GET HTTP req…
CVE-2023-38314Medium6.52023-11-17An issue was discovered in OpenNDS Captive Portal before version 10.1.2. It has a NULL pointer dereference in preauthenticated() that can be triggered with a c…
CVE-2023-38324Medium5.32023-11-17An issue was discovered in OpenNDS before 10.1.2. It allows users to skip the splash page sequence (and directly authenticate) when it is using the default FAS…