OpenNDS Authentication Bypass Vulnerability

OpenNDS Authentication Bypass Vulnerability

CVE-2023-38324 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

An issue was discovered in OpenNDS before 10.1.2. It allows users to skip the splash page sequence (and directly authenticate) when it is using the default FAS key and OpenNDS is configured as FAS.

Learn more about our User Device Pen Test.