PT-2022-11394 · Ariang · Ariang

Amozing

Published

2022-06-15

Updated

2023-08-08

CVE-2021-41418

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions AriaNg versions 0.1.0 through 1.2.2

Description The issue is related to incorrect access control, where the system fails to authenticate visitors' access rights, potentially allowing unauthorized access.

Recommendations For versions 0.1.0 through 1.2.2, consider implementing proper access control mechanisms to authenticate and verify visitors' access rights until a patch is available.

Exploit

Fix

Missing Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-306

Related Identifiers

CVE-2021-41418

Affected Products

Ariang

PT-2022-11394 · Ariang · Ariang

CVE-2021-41418

Weakness Enumeration

Related Identifiers

Affected Products

References · 3