Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Changing Information Technology CGFIDO - Authentication Bypass
Vulnerability Description
The login mechanism via device authentication of CGFIDO from Changing Information Technology has an Authentication Bypass vulnerability. If a user visits a forged website, the agent program deployed on their device will send an authentication signature to the website. An unauthenticated remote attacker who obtains this signature can use it to log into the system with any device.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Vulnerability Type
使用捕获-重放进行的认证绕过
Vulnerability Title
CHANGING CGFIDO 安全漏洞
Vulnerability Description
CHANGING CGFIDO是中国CHANGING公司的一个无密码身份验证系统。 CHANGING CGFIDO 0.0.1至1.1.0版本存在安全漏洞,该漏洞源于存在登录机制认证绕过漏洞,未认证的远程攻击者可通过获取签名后使用任何设备登录系统。
CVSS Information
N/A
Vulnerability Type
N/A