2 matches found
CVE-2025-63226
The CVE affects Sencore SMP100 SMP Media Platform firmware versions V4.2.160, V60.1.4, and V60.1.29. Root cause: improper session management on /UserManagement.html allows an attacker on the same network, with a valid session, to access the endpoint and add new users without authentication, leadi...
CVE-2025-63226
The Sencore SMP100 SMP Media Platform firmware versions V4.2.160, V60.1.4, V60.1.29 is vulnerable to session hijacking due to improper session management on the /UserManagement.html endpoint. Attackers who are on the same network as the victim and have access to the target's logged-in session can...