Vulnerability Description
SQL injection vulnerability in IP3 Networks NetAccess Appliance before firmware 3.1.18b13 allows remote attackers to bypass authentication via the (1) login or (2) password. NOTE: this issue was later reported to also affect firmware 4.0.34.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ip3 Networks | Ip3 Netaccess | All versions |
| Ip3 Networks | Ip3 Netaccess - Hospitality | All versions |
| Ip3 Networks | Ip3 Netaccess - Wireless Hotspots | All versions |
References
- http://www.securityfocus.com/archive/1/432007/100/0/threaded
- http://www.securityfocus.com/bid/9858ExploitPatch
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26106
- http://www.securityfocus.com/archive/1/432007/100/0/threaded
- http://www.securityfocus.com/bid/9858ExploitPatch
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26106
FAQ
What is CVE-2004-2326?
CVE-2004-2326 is a vulnerability with a CVSS score of 7.5 (HIGH). SQL injection vulnerability in IP3 Networks NetAccess Appliance before firmware 3.1.18b13 allows remote attackers to bypass authentication via the (1) login or (2) password. NOTE: this issue was late...
How severe is CVE-2004-2326?
CVE-2004-2326 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-2326?
Check the references section above for vendor advisories and patch information. Affected products include: Ip3 Networks Ip3 Netaccess, Ip3 Networks Ip3 Netaccess - Hospitality, Ip3 Networks Ip3 Netaccess - Wireless Hotspots.