Main Vulnerability Database Exploits ID:6187 - Exploit for Authentication bypass in ntopng - CVE-2018-12520

ID:6187 - Exploit for Authentication bypass in ntopng - CVE-2018-12520

Published: June 17, 2021

Vulnerability identifier: #VU13898

Vulnerability risk: Low

CVE-ID: CVE-2018-12520

CWE-ID: CWE-119

Exploitation vector: Remote access

Vulnerable software:
ntopng

Link to public exploit:

https://www.exploit-db.com/exploits/44973/

Vulnerability description

The vulnerability allows a remote attacker to bypass authentication on the target system.

The vulnerability exists in ntopng network analyzer due to session management issues. A remote attacker can send specially crafted packets to the affected server, bypass authentication to hijack a user's session and escalate his access to the system.

Remediation

Update to version 3.4.180617.

ID:6187 - Exploit for Authentication bypass in ntopng - CVE-2018-12520

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human