Lucene search
China National Vulnerability DatabaseCNVD-2022-22249HistoryMar 14, 2022 - 12:00 a.m.
FreeTakServer Trust Management Issue Vulnerability
2022-03-1400:00:00
China National Vulnerability Database
www.cnvd.org.cn
8
0.001 Low
EPSS
Percentile
42.3%
FreeTAKServer is an open source lightweight server from the FreeTAKTeam team. It is used to connect to TAK clients. FreeTakServer suffers from a trust management issue vulnerability that stems from the fact that the Flask Secrets Key has three relevant locations that are hard-coded, which can be exploited by an attacker to create crafted cookies to bypass authentication or elevation of privileges.
| CPE | Name | Operator | Version |
|---|---|---|---|
| freetakteam freetakserver | eq | 1.9.8 |
Related
cvelist
cvelist
CVE-2022-25510
2022-03-10 23:35:40
nvd
nvd
CVE-2022-25510
2022-03-11 00:15:08
prion
prion
Hardcoded credentials
2022-03-11 00:15:00
gitlab
gitlab
Hard coded credentials in FreeTAKServer
2022-03-12 00:00:00
github
github
Hard coded credentials in FreeTAKServer
2022-03-12 00:00:37
cve
cve
CVE-2022-25510
2022-03-11 00:15:08
veracode
veracode
Privilege Escalation
2022-03-14 07:46:33
osv
osv
Hard coded credentials in FreeTAKServer
2022-03-12 00:00:37
CVE-2022-25510
2022-03-11 00:15:08