7.5
CVSSv3

CVE-2006-6679

Published: 21/12/2006 Updated: 25/01/2024
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

Pedro Lineu Orso chetcpasswd prior to 2.4 relies on the X-Forwarded-For HTTP header when verifying a client's status on an IP address ACL, which allows remote malicious users to gain unauthorized access by spoofing this header.

Vulnerable Product Search on Vulmon Subscribe to Product

chetcpasswd project chetcpasswd