Authentication Bypass Vulnerability in LG SuperSign CMS

Authentication Bypass Vulnerability in LG SuperSign CMS

CVE-2018-16286 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

LG SuperSign CMS allows authentication bypass because the CAPTCHA requirement is skipped if a captcha:pass cookie is sent, and because the PIN is limited to four digits.

Learn more about our Cms Pen Testing.