Description
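SKYWORTH GN542VF Boa version 0.94.13 does not set the Secure flag for the session cookie in an HTTPS session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an HTTP session. Without the Secure attribute, the browser also attaches the cookie to any plain-HTTP request to the same host, so it can cross the network unencrypted even though the session was established over HTTPS. The general remedy for this class of issue is for the server to issue the session cookie with the Secure attribute.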
Affected Software
Related
{"id": "CVE-2020-26732", "vendorId": null, "type": "cve", "bulletinFamily": "NVD", "title": "CVE-2020-26732", "description": "SKYWORTH GN542VF Boa version 0.94.13 does not set the Secure flag for the session cookie in an HTTPS session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an HTTP session.", "published": "2021-01-14T16:15:00", "modified": "2022-07-05T17:15:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0}, "severity": "MEDIUM", "exploitabilityScore": 10.0, "impactScore": 2.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH"}, "exploitabilityScore": 3.9, "impactScore": 3.6}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-26732", "reporter": "cve@mitre.org", "references": ["https://github.com/swzhouu/CVE-2020-26732"], "cvelist": ["CVE-2020-26732"], "immutableFields": [], "lastseen": "2022-07-05T18:37:14", "viewCount": 16, "enchantments": {"dependencies": {"references": [{"type": "githubexploit", "idList": ["29A9E08D-50A1-569C-B5B0-E27BCC954F79"]}], "rev": 4}, "score": {"value": 3.2, "vector": "NONE"}, "twitter": {"counter": 3, "tweets": [{"link": "https://twitter.com/threatintelctr/status/1352297173048823811", "text": " NEW: 
CVE-2020-26732 Skyworth GN542VF Boa version 0.94.13 does not set the Secure flag for the session cookie in an HTTPS session, which makes it easier for remote attackers to capture this cookie by interceptin... (click for more) Severity: HIGH https://t.co/DJFDhUUH4h?amp=1"}, {"link": "https://twitter.com/threatintelctr/status/1544376382192553984", "text": " NEW: CVE-2020-26732 SKYWORTH GN542VF Boa version 0.94.13 does not set the Secure flag for the session cookie in an HTTPS session, which makes it easier for remote attackers to capture this cookie by interceptin... (click for more) Severity: HIGH https://t.co/DJFDhUUH4h", "author": "threatintelctr", "author_photo": "https://pbs.twimg.com/profile_images/904224973987840000/dMy1x9Ho_400x400.jpg"}, {"link": "https://twitter.com/RemotelyAlerts/status/1544388071046594561", "text": "Severity: | SKYWORTH GN542VF Boa version 0.94.13 doe... | CVE-2020-26732 | Link for more: https://t.co/g6avKtNaOp", "author": "RemotelyAlerts", "author_photo": "https://pbs.twimg.com/profile_images/1534892541354680322/G_Cairku_400x400.jpg"}]}, "backreferences": {"references": [{"type": "githubexploit", "idList": ["29A9E08D-50A1-569C-B5B0-E27BCC954F79"]}]}, "exploitation": null, "vulnersScore": 3.2}, "_state": {"dependencies": 0, "twitter": 1657052834}, "_internal": {}, "cna_cvss": {"cna": null, "cvss": {}}, "cpe": ["cpe:/o:skyworth:gn542vf_boa_firmware:0.94.13"], "cpe23": ["cpe:2.3:o:skyworth:gn542vf_boa_firmware:0.94.13:*:*:*:*:*:*:*"], "cwe": ["CWE-311"], "affectedSoftware": [{"cpeName": "skyworth:gn542vf_boa_firmware", "version": "0.94.13", "operator": "eq", "name": "skyworth gn542vf boa firmware"}], "affectedConfiguration": [{"name": "skyworth gn542vf boa", "cpeName": "skyworth:gn542vf_boa", "version": "-", "operator": "eq"}], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"operator": "AND", "children": [{"operator": "OR", "children": [], "cpe_match": [{"vulnerable": true, "cpe23Uri": 
"cpe:2.3:o:skyworth:gn542vf_boa_firmware:0.94.13:*:*:*:*:*:*:*", "cpe_name": []}]}, {"operator": "OR", "children": [], "cpe_match": [{"vulnerable": false, "cpe23Uri": "cpe:2.3:h:skyworth:gn542vf_boa:-:*:*:*:*:*:*:*", "cpe_name": []}]}], "cpe_match": []}]}, "extraReferences": [{"url": "https://github.com/swzhouu/CVE-2020-26732", "name": "https://github.com/swzhouu/CVE-2020-26732", "refsource": "MISC", "tags": ["Third Party Advisory"]}]}
{"githubexploit": [{"lastseen": "2021-12-10T15:17:19", "description": "# CVE-2020-26732\nSkyworth GN542VF Boa version 0.94.13 does not s...", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2021-01-14T09:55:59", "type": "githubexploit", "title": "Exploit for Missing Encryption of Sensitive Data in Skyworth Gn542Vf Boa Firmware", "bulletinFamily": "exploit", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-26732"], "modified": "2021-10-09T16:35:12", "id": "29A9E08D-50A1-569C-B5B0-E27BCC954F79", "href": "", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "privateArea": 1}]}