RSS   Vulnerabilities for 'Sentry vision'   RSS

2018-03-29
 
CVE-2018-9031

CWE-522
 

 
The login interface on TNLSoftSolutions Sentry Vision 3.x devices provides password disclosure by reading an "if(pwd ==" line in the HTML source code. This means, in effect, that authentication occurs only on the client side.

 


Copyright 2024, cxsecurity.com

 

Back to Top