Bypassing Authentication via Modified HTTP Host Header in Buffalo TS5600D1206 version 3.61-0.10

Bypassing Authentication via Modified HTTP Host Header in Buffalo TS5600D1206 version 3.61-0.10

CVE-2018-13324 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Incorrect access control in nasapi in Buffalo TS5600D1206 version 3.61-0.10 allows attackers to bypass authentication by sending a modified HTTP Host header.

Learn more about our Api Penetration Testing.