Pedro Lineu Orso chetcpasswd prior to 2.4 relies on the X-Forwarded-For HTTP header when verifying a client's status on an IP address ACL, which allows remote malicious users to gain unauthorized access by spoofing this header.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
chetcpasswd project chetcpasswd |