CVE-2018-7739P2CRITICALCVSS 9.8PoC≤ 0.9.0c2018-03-07
CVE-2018-7739 [CRITICAL] CWE-20 CVE-2018-7739: antsle antman before 0.9.1a allows remote attackers to bypass authentication via invalid characters
antsle antman before 0.9.1a allows remote attackers to bypass authentication via invalid characters in the username and password parameters, as demonstrated by a username=>&password=%0a string to the /login URI. This allows obtaining root permissions within the web management console, because the login process uses Java's ProcessBuilder class and a ba
nvd