Exploit for #VU35191 Improper Restriction of Excessive Authentication Attempts in Bludit

Published: 2020-08-18 | Updated: 2021-06-17

Vulnerability identifier: #VU35191

Vulnerability risk: High

CVSSv3.1: 8.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]

CVE-ID: CVE-2019-17240

CWE-ID: CWE-307

Exploitation vector: Network

Exploits in database: 5

June 17, 2021
- Bludit 3.9.2 - Auth Bruteforce Bypass [Exploit-DB]
November 3, 2020
- CVE-2019-17240_Bludit-BF-Bypass (Bludit <= 3.9.2 - Authentication Bruteforce Mitigation Bypass Exploit/PoC) [Github]
October 21, 2020
- CVE-2019-17240-Exploit-Bludit-BF-bypass (Bludit <= 3.9.2 - Authentication Bruteforce Mitigation Bypass Exploit/PoC) [Github]
September 25, 2020
- CVE-2019-17240 (This is the exploit of CVE-2019-17240. ) [Github]
August 18, 2020
- Bludit 3.9.2 - Authentication Bruteforce Mitigation Bypass [Exploit-DB]

Impact: Code execution

Vulnerable software:
Bludit
Web applications / CMS

Vendor: Bludit