time.htm in the web interface on SerVision HVG Video Gateway devices with firmware before 2.2.26a78 allows remote attackers to bypass authentication and obtain administrative access by leveraging a cookie received in an HTTP response.
CPE | Name | Operator | Version |
---|---|---|---|
hvg_video_gateway_firmware | eq | <= 2.2.26a77 |