PT-2024-3984 · Unknown · Minmax Cms

Redblaze · Published 2024-05-30 · Updated 2024-11-21 · CVE-2024-5514

CVSS v2.0: 10 (Critical)

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

MinMax CMS (affected versions not specified)

Description

MinMax CMS contains a hidden administrator account with a fixed password. This account cannot be removed or disabled from the management interface, allowing remote attackers to bypass IP access control restrictions and log in to the backend system without being recorded in the system logs. Exploitation of this issue may enable a remote attacker to gain access to the account and enter the system.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Hidden Functionality
Using Hardcoded Credentials

Related Identifiers

BDU:2024-04399
CVE-2024-5514

Affected Products

Minmax Cms