CVE-2009-2003

Ascad Networks Password Protector SD <1.3.1 - Auth Bypass

Title source: llm
STIX 2.1

Description

Ascad Networks Password Protector SD 1.3.1 allows remote attackers to bypass authentication and gain administrative access by setting the (1) c7portal and (2) cookname cookies to "admin."

Exploits (2)

exploitdb WORKING POC VERIFIED
by G4N0K · textwebappsphp
https://www.exploit-db.com/exploits/8675
exploitdb WORKING POC VERIFIED
by Mr.tro0oqy · textwebappsphp
https://www.exploit-db.com/exploits/8668

References (2)

Core 2
Core References
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/8668
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/34930

Scores

EPSS 0.0114
EPSS Percentile 78.5%

Details

CWE
CWE-287
Status published
Products (1)
ascadnetworks/password_protector_sd 1.3.1
Published Jun 08, 2009
Tracked Since Feb 18, 2026