VYPR
High severity7.5NVD Advisory· Published Apr 29, 2020· Updated Jun 17, 2026

CVE-2020-12477

CVE-2020-12477

Description

The REST API functions in TeamPass 2.1.27.36 allow any user with a valid API token to bypass IP address whitelist restrictions via an X-Forwarded-For client HTTP header to the getIp function.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
nilsteampassnet/teampassPackagist
<= 2.1.27.36

Affected products

2

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.