Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
9.3
CVE-2020-37228: iDS6 DSSPro Digital Signage System 6.2 CAPTCHA Bypass Allows Unauthorized Access
CVE-2020-37228
Summary
The iDS6 DSSPro Digital Signage System version 6.2 has a security issue that makes it possible for attackers to bypass its CAPTCHA protection. This means they can try to guess user passwords more easily, which could lead to unauthorized access to the system. To protect your system, update to the latest version of iDS6 DSSPro Digital Signage System as soon as possible.
Original title
iDS6 DSSPro Digital Signage System 6.2 contains a CAPTCHA security bypass vulnerability that allows attackers to bypass authentication by requesting the autoLoginVerifyCode object. Attackers can re...
Original description
iDS6 DSSPro Digital Signage System 6.2 contains a CAPTCHA security bypass vulnerability that allows attackers to bypass authentication by requesting the autoLoginVerifyCode object. Attackers can retrieve valid CAPTCHA codes via the login endpoint and use them to perform brute-force attacks against user accounts.
nvd CVSS3.1
9.8
nvd CVSS4.0
9.3
Vulnerability type
CWE-307
Published: 16 May 2026 · Updated: 28 May 2026 · First seen: 16 May 2026