Opennds Captive Portal — known CVE vulnerabilities
Every CVE whose affected-product data names Opennds Captive Portal, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2023-38316 — CVSS 9.8 (critical): An issue was discovered in OpenNDS Captive Portal before version 10.1.2. When the custom unescape callback is enabled, attackers can…
CVE-2023-38315 — CVSS 7.5 (high): An issue was discovered in OpenNDS Captive Portal before version 10.1.2. It has a try_to_authenticate NULL pointer dereference that can be…
CVE-2023-38313 — CVSS 7.5 (high): An issue was discovered in OpenNDS Captive Portal before 10.1.2. it has a do_binauth NULL pointer dereference that can be triggered with a…
CVE-2023-38320 — CVSS 7.5 (high): An issue was discovered in OpenNDS Captive Portal before version 10.1.2. It has a show_preauthpage NULL pointer dereference that can be…
CVE-2023-38322 — CVSS 7.5 (high): An issue was discovered in OpenNDS Captive Portal before version 10.1.2. It has a do_binauth NULL pointer dereference that be triggered…
CVE-2023-38314 — CVSS 6.5 (medium): An issue was discovered in OpenNDS Captive Portal before version 10.1.2. It has a NULL pointer dereference in preauthenticated() that can…
CVE-2023-38324 — CVSS 5.3 (medium): An issue was discovered in OpenNDS before 10.1.2. It allows users to skip the splash page sequence (and directly authenticate) when it is…