CVEs-PoC/2021/CVE-2021-29012.md at dc6e2cf7158eeb24cfecb4d64f4f1da9a8a732e2

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-05-02 00:15:14 +02:00

Files

T

marc 555e9c7de4 Update Sat May 25 21:48:12 CEST 2024

2024-05-25 21:48:12 +02:00

Description

DMA Softlab Radius Manager 4.4.0 assigns the same session cookie to every admin session. The cookie is valid when the admin is logged in, but is invalid (temporarily) during times when the admin is logged out. In other words, the cookie is functionally equivalent to a static password, and thus provides permanent access if stolen.

POC

Reference

http://packetstormsecurity.com/files/164154/DMA-Softlab-Radius-Manager-4.4.0-Session-Management-Cross-Site-Scripting.html
https://github.com/1d8/publications/tree/main/cve-2021-29012

Github

https://github.com/1d8/publications
https://github.com/ARPSyndicate/cvemon

982 B Raw Blame History

CVE-2021-29012

Description

POC

Reference

Github

982 B

Raw Blame History