AWCM Cookie Authentication Bypass and Multiple Security Bypass Vulnerabilities


AWCM is prone to an authentication-bypass and multiple security-bypass vulnerabilities.


The information has been provided by Sooel Son.


Vulnerable Systems:
 * AWCM 2.2

AWCM could allow a remote attacker to bypass security restrictions, caused by an error in the cookie_gen.php script. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass the authentication process to forge a cookie.

CVE Information:

Disclosure Timeline:
Published:November 08 2012
Updated:November 08 2012

Categories: News