Description
Tomahawk auth timing attack due to usage of `strcmp` has been identified in Hiawatha webserver version 11.7 which allows a local attacker to access the management client.
Remediation
References
Related Vulnerabilities
AngularJS Improper Input Validation Vulnerability (CVE-2019-10768)
WordPress Plugin IGIT Posts Slider Widget TimThumb Arbitrary File Upload (1.1)
WordPress Plugin AdWizz 'link' Parameter Cross-Site Scripting (1.0)
MySQL CVE-2020-14623 Vulnerability (CVE-2020-14623)
WordPress Plugin Simple Personal Message SQL Injection (1.0.3)