CVE-2024-55470 – Oqtane Framework Authentication Bypass

12月 20, 2024
5:16 pm

CVE ID : CVE-2024-55470

Published : Dec. 20, 2024, 4:15 p.m. | 1 hour ago

Description : Oqtane Framework 6.0.0 is vulnerable to Incorrect Access Control. By manipulating the entityid parameter, attackers can bypass passcode validation and successfully log into the application or access restricted data without proper authorization. The lack of server-side validation exacerbates the issue, as the application relies on client-side information for authentication.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2024-55470 – Oqtane Framework Authentication Bypass

Elvescore.io

Recent Posts

CVE-2024-12677 – Delta Electronics DTM Soft Remote Code Execution

CVE-2024-10385 – DirectAdmin Evolution Skin Cross-site Scripting

CVE-2024-12840 – Satellite SSRF

CVE-2024-55186 – Oqtane Framework User account IDOR Vulnerability