Lanap · Lanap Botdetect Aps.Net Captcha · CVE-2006-2918
**Name of the Vulnerable Software and Affected Versions**
Lanap BotDetect APS.NET CAPTCHA component versions prior to 1.5.4.0
**Description**
The issue allows remote attackers to conduct automated attacks by replaying the ViewState for a known number, as the UUID and hash for a CAPTCHA are stored in the ViewState of a page.
**Recommendations**
For versions prior to 1.5.4.0, update to version 1.5.4.0 or later to resolve the issue.