PT-2022-21204 · Wwbn · Avideo

Claudio Bozzato · Published 2022-08-22 · Updated 2022-08-26 · CVE-2022-32282

CVSS v3.1: 8.8 (High)

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions

WWBN AVideo version 11.6
WWBN AVideo dev master commit 3f7c0364

Description

An issue exists in the login functionality due to an improper password check. An attacker who holds a user's password hash can log directly into that account, resulting in increased privileges.

Recommendations

For WWBN AVideo version 11.6, update the login functionality to properly check passwords. For WWBN AVideo dev master commit 3f7c0364, apply a patch to fix the improper password check issue. As a temporary workaround, consider restricting access to sensitive areas of the application until a proper fix is applied.

Exploit

Fix

Weakness Enumeration: Improper Authentication

Related Identifiers: CVE-2022-32282

Affected Products: Avideo