Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
opennds opennds vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2023-38315
An issue exists in OpenNDS Captive Portal before version 10.1.2. It has a try_to_authenticate NULL pointer dereference that can be triggered with a crafted GET HTTP with a missing client token query string parameter. Triggering this issue results in crashing OpenNDS (a Denial-of-...
Opennds Captive Portal
7.5
CVSSv3
CVE-2023-41102
An issue exists in the captive portal in OpenNDS before version 10.1.3. It has multiple memory leaks due to not freeing up allocated memory. This may lead to a Denial-of-Service condition due to the consumption of all available memory.
Opennds Opennds
6.5
CVSSv3
CVE-2023-38314
An issue exists in OpenNDS Captive Portal before version 10.1.2. It has a NULL pointer dereference in preauthenticated() that can be triggered with a crafted GET HTTP request with a missing redirect query string parameter. Triggering this issue results in crashing OpenNDS (a Deni...
Opennds Captive Portal
5.3
CVSSv3
CVE-2023-38324
An issue exists in OpenNDS prior to 10.1.2. It allows users to skip the splash page sequence (and directly authenticate) when it is using the default FAS key and OpenNDS is configured as FAS.
Opennds Captive Portal
NA
CVE-2024-25763
openNDS 10.2.0 is vulnerable to Use-After-Free via /openNDS/src/auth.c.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2