PT-2006-1740 · Vhcs · Virtual Hosting Control System

Román Medina-Heigl Hernández

Published

2006-02-15

Updated

2018-10-19

CVE-2006-0686

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Virtual Hosting Control System (VHCS) versions 2.4.7.1 and earlier

Description The issue allows remote attackers to gain unauthorized access due to a lack of user privilege checks when adding new administrative users.

Recommendations For Virtual Hosting Control System (VHCS) versions 2.4.7.1 and earlier, consider disabling the add user.php script until a patch is available to prevent unauthorized access. Restrict access to administrative user addition functionality to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2006-0686

Affected Products

Virtual Hosting Control System

PT-2006-1740 · Vhcs · Virtual Hosting Control System

CVE-2006-0686

Related Identifiers

Affected Products

References · 8