itzvenom

1 exploit Active since Nov 2023
CVE-2023-6329 NOMISEC CRITICAL WORKING POC
Control iD iDSecure Authentication Bypass (CVE-2023-6329)
An authentication bypass vulnerability exists in Control iD iDSecure v4.7.32.0. The login routine used by iDS-Core.dll contains a "passwordCustom" option that allows an unauthenticated attacker to compute valid credentials that can be used to bypass authentication and act as an administrative user.
CVSS 9.8