VYPR
High severity7.5NVD Advisory· Published Dec 21, 2006· Updated Jun 16, 2026

CVE-2006-6679

CVE-2006-6679

Description

Pedro Lineu Orso chetcpasswd before 2.4 relies on the X-Forwarded-For HTTP header when verifying a client's status on an IP address ACL, which allows remote attackers to gain unauthorized access by spoofing this header.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • cpe:2.3:a:chetcpasswd_project:chetcpasswd:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:chetcpasswd_project:chetcpasswd:*:*:*:*:*:*:*:*range: <2.4
    • (no CPE)range: <2.4

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.