VYPR
High severity7.5NVD Advisory· Published Jul 28, 2017· Updated Jun 17, 2026

CVE-2017-11717

CVE-2017-11717

Description

MetInfo through 5.3.17 accepts the same CAPTCHA response for 120 seconds, which makes it easier for remote attackers to bypass intended challenge requirements by modifying the client-server data stream, as demonstrated by the login/findpass page.

Affected products

2
  • Metinfo/Metinfo2 versions
    cpe:2.3:a:metinfo_project:metinfo:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:metinfo_project:metinfo:*:*:*:*:*:*:*:*range: <=5.3.17
    • (no CPE)range: <=5.3.17

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.