AI Score
Confidence
Low
EPSS
Percentile
91.8%
SurgeLDAP 1.0g (Build 12), and possibly other versions before 1.0h, allows remote attackers to bypass authentication for the administration interface via a direct request to admin.cgi with a modified utoken parameter.
netwinsite.com/surgeldap/updates.htm
secunia.com/advisories/11549
securitytracker.com/alerts/2004/May/1010113.html
securitytracker.com/id?1010068
www.osvdb.org/5890
www.securityfocus.com/bid/10294
exchange.xforce.ibmcloud.com/vulnerabilities/16076