CVE-2021-42949

Publication date

2022-09-16 14:45:36

Family

mitre

State

PUBLISHED

Description

The component controlla_login function in HotelDruid Hotel Management Software v3.0.3 generates a predictable session token, allowing attackers to bypass authentication via bruteforce attacks.