Netsweeper prior to 3.1.10, 4.0.x prior to 4.0.9, and 4.1.x prior to 4.1.2 allows remote malicious users to bypass authentication and remove IP addresses from the quarantine via the ip parameter to webadmin/user/quarantine_disable.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
netsweeper netsweeper 4.1.0 |
||
netsweeper netsweeper 4.0.4 |
||
netsweeper netsweeper 4.0.2 |
||
netsweeper netsweeper 4.0.0 |
||
netsweeper netsweeper |
||
netsweeper netsweeper 4.1.1 |
||
netsweeper netsweeper 4.0.3 |
||
netsweeper netsweeper 4.0.1 |
||
netsweeper netsweeper 4.0.8 |
||
netsweeper netsweeper 4.0.7 |
||
netsweeper netsweeper 4.0.6 |
||
netsweeper netsweeper 4.0.5 |