CVE-2024-2412

Heimavista Rpage and Epage - Broken Access Control

CVSS 5.3 MEDIUMEPSS 0.4%CWE-1220

The disabling function of the user registration page for Heimavista Rpage and Epage is not properly implemented, allowing remote attackers to complete user registration on sites where user registration is supposed to be disabled.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Affected products

Heimavista · Epage Heimavista · Rpage

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://www.twcert.org.tw/tw/cp-132-7696-0951f-1.html