admin.htm in Geo++ GNCASTER 1.4.0.7 and previous versions does not properly enforce HTTP Digest Authentication, which allows remote authenticated users to use HTTP Basic Authentication, bypassing intended server policy.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
geopp geo\\+\\+ gncaster |
||
geopp geo\\+\\+ gncaster 1.4.0.0 |