ГлавнаяУязвимости → CVE-2024-24300
9.8критическая

CVE-2024-24300

Описание

4ipnet EAP-767 v3.42.00 is vulnerable to Incorrect Access Control. The device uses the same set of credentials, regardless of how many times a user logs in, the content of the cookie remains unchanged.

Затрагиваемое ПО
4ipnet Eap-767 firmware4ipnet Eap-767
CVSS
Балл9.8 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Источники
https://github.com/yckuo-sdc/PoChttps://github.com/yckuo-sdc/PoC