CVE-2017-9091

Name of the Vulnerable Software and Affected Versions Allen Disk version 1.6

Description The issue concerns a CAPTCHA bypass in the login functionality. Specifically, the /admin/loginc.php endpoint does not properly check if the CAPTCHA code has been set, allowing for bypass by emptying the captcha field in the POST request. This can be achieved by manipulating the $ POST['captcha'] variable.

Recommendations For Allen Disk version 1.6, consider implementing a proper check for the CAPTCHA code to prevent bypass. As a temporary workaround, restrict access to the /admin/loginc.php endpoint until a proper fix is implemented. Additionally, ensure that the $ SESSION['captcha']['code'] variable is properly validated to prevent unauthorized access.