9.8
CVSSv3

CVE-2018-8096

Published: 14/03/2018 Updated: 21/11/2024

Vulnerability Summary

Datalust Seq prior to 4.2.605 is vulnerable to Authentication Bypass (with the attacker obtaining admin access) via '"Name":"isauthenticationenabled","Value":false' in an api/settings/setting-isauthenticationenabled PUT request.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

datalust seq

Exploits

# Exploit Title: Seq 42476 - Authentication Bypass # Date: 2018-08-02 # Exploit Author: Daniel Chactoura # Vendor Homepage: getseqnet/ # Software Link: getseqnet/Download/All # Version: <= 42476 # CVE : CVE-2018-8096 # Post Reference: mediumcom/stolabs/bypass-admin-authentication-on-seq-17f0f9e02732 # coding=utf-8 ...
Seq versions 42476 and below suffer from an authentication bypass vulnerability ...