9.8

CVE-2024-9933

WatchTowerHQ <= 3.10.1 - Authentication Bypass to Administrator due to Missing Empty Value Check

WatchTowerHQ <= 3.10.1 - Authentication Bypass to Administrator due to Missing Empty Value Check

The WatchTowerHQ plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.10.1. This is due to the 'watchtower_ota_token' default value is empty, and the not empty check is missing in the 'Password_Less_Access::login' function. This makes it possible for unauthenticated attackers to log in to the WatchTowerHQ client administrator user.
Mögliche Gegenmaßnahme
WatchTowerHQ: Update to version 3.10.4, or a newer patched version
Daten sind bereitgestellt durch das CVE Programm von Authorized Data Publishers (ADP) (Unstrukturiert)
Herstellerwatchtowerhq
Produkt watchtower
Default Statusunknown
Version <= 3.9.6
Version 0
Status affected
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Weitere Schwachstelleninformationen
SystemWordPress Plugin
Produkt WatchTowerHQ
Version *-3.10.1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.94% 0.774
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
security@wordfence.com 9.8 3.9 5.9
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE-288 Authentication Bypass Using an Alternate Path or Channel

The product requires authentication, but the product has an alternate path or channel that does not require authentication.

https://plugins.trac.wordpress.org/browser/watchtowerhq/tags/3.9.6/src/Password_Less_Access.php#L56
https://www.wordfence.com/threat-intel/vulnerabilities/id/50349086-e7b0-4f73-8722-1367cc05180e?source=cve
https://plugins.trac.wordpress.org/changeset/3177064/watchtowerhq#file2
https://www.wordfence.com/threat-intel/vulnerabilities/id/50349086-e7b0-4f73-8722-1367cc05180e
Third Party Advisory