An Authentication Bypass by Spoofing issue was discovered in LAVA Ether-Serial Link (ESL) running firmware versions 6.01.00/29.03.2007 and prior versions. An improper authentication vulnerability has been identified, which, if exploited, would allow an attacker with the same IP address to bypass authentication by accessing a specific uniform resource locator.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-290,CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| lavalink | ether-serial_link_firmware | * |