Full title: Kentix MultiSensor-LAN 5.63.00 Authentication Bypass Vulnerability 
Category: web applications
Platform: multiple
Kentix MultiSensor-LAN versions 5.63.00 and below suffer from an authentication bypass vulnerability. The web based application is not using a usual session concept with a session cookie for managing authenticated user sessions. Some URLs are protected with HTTP Basic Authentication, but the user management web page can be accessed and used without any authentication.

# 0day.today @ http://0day.today/