CVE-2018-16286

LG SuperSign CMS allows authentication bypass because the CAPTCHA requirement is skipped if a captcha:pass cookie is sent, and because the PIN is limited to four digits.
Configurations

Configuration 1 (hide)

cpe:2.3:a:lg:supersign_cms:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2018-09-14 21:29

Updated : 2024-02-28 16:48


NVD link : CVE-2018-16286

Mitre link : CVE-2018-16286

CVE.ORG link : CVE-2018-16286


JSON object : View

Products Affected

lg

  • supersign_cms
CWE
CWE-287

Improper Authentication