Pedro Lineu Orso : Security Vulnerabilities, CVEs, Published In 2006 (Bypass)
Pedro Lineu Orso chetcpasswd before 2.4 relies on the X-Forwarded-For HTTP header when verifying a client's status on an IP address ACL, which allows remote attackers to gain unauthorized access by spoofing this header.
Max CVSS
7.5
EPSS Score
1.08%
Published
2006-12-21
Updated
2024-01-25
1 vulnerabilities found