Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Improper authentication in the two-factor authentication (2FA) feature in Devolutions Server 2026.1.11 and earlier allows a remote attacker with valid credentials to bypass multifactor authentication and gain unauthorized access to the victim account via reuse of a partially authenticated session token.
CVSS Information
N/A
Vulnerability Type
CWE-1390
Vulnerability Title
Devolutions Server 安全漏洞
Vulnerability Description
Devolutions Server是加拿大Devolutions公司的一个应用系统。提供功能齐全的共享帐户和密码管理解决方案。 Devolutions Server 2026.1.11及之前版本存在安全漏洞,该漏洞源于双因素身份验证功能身份验证不当,可能导致具有有效凭据的远程攻击者通过重用部分经过身份验证的会话令牌绕过多因素身份验证并获取对受害者账户的未授权访问。
CVSS Information
N/A
Vulnerability Type
N/A