CVE-2004-2326 - Syndicalistic Cheese

Description

SQL injection vulnerability in IP3 Networks NetAccess Appliance before firmware 3.1.18b13 allows remote attackers to bypass authentication via the (1) login or (2) password. NOTE: this issue was later reported to also affect firmware 4.0.34.

Reference

http://www.securityfocus.com/bid/9858 https://exchange.xforce.ibmcloud.com/vulnerabilities/26106 http://www.securityfocus.com/archive/1/432007/100/0/threaded