The Client Filter Admin portal in Netsweeper prior to 3.1.10, 4.0.x prior to 4.0.9, and 4.1.x prior to 4.1.2 allows remote malicious users to bypass authentication and subsequently create arbitrary profiles via a showdeny action to the default URL.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
netsweeper netsweeper 4.0.6 |
||
netsweeper netsweeper 4.0.7 |
||
netsweeper netsweeper 4.0.8 |
||
netsweeper netsweeper 4.1.0 |
||
netsweeper netsweeper 4.0.2 |
||
netsweeper netsweeper 4.0.4 |
||
netsweeper netsweeper |
||
netsweeper netsweeper 4.0.0 |
||
netsweeper netsweeper 4.0.1 |
||
netsweeper netsweeper 4.0.3 |
||
netsweeper netsweeper 4.0.5 |
||
netsweeper netsweeper 4.1.1 |
Vulmon