5 matches found
CVE-2025-63226
The Sencore SMP100 SMP Media Platform firmware versions V4.2.160, V60.1.4, V60.1.29 is vulnerable to session hijacking due to improper session management on the /UserManagement.html endpoint. Attackers who are on the same network as the victim and have access to the target's logged-in session can...
CVE-2025-63226
The Sencore SMP100 SMP Media Platform firmware versions V4.2.160, V60.1.4, V60.1.29 is vulnerable to session hijacking due to improper session management on the /UserManagement.html endpoint. Attackers who are on the same network as the victim and have access to the target's logged-in session can...
PT-2025-47395
Name of the Vulnerable Software and Affected Versions Sencore SMP100 SMP Media Platform versions V4.2.160, V60.1.4, V60.1.29 Description The Sencore SMP100 SMP Media Platform is susceptible to session hijacking because of inadequate session management. An attacker on the same network as a logged-...
CVE-2025-63226
The CVE affects Sencore SMP100 SMP Media Platform firmware versions V4.2.160, V60.1.4, and V60.1.29. Root cause: improper session management on /UserManagement.html allows an attacker on the same network, with a valid session, to access the endpoint and add new users without authentication, leadi...
CVE-2025-63226
The Sencore SMP100 SMP Media Platform firmware versions V4.2.160, V60.1.4, V60.1.29 is vulnerable to session hijacking due to improper session management on the /UserManagement.html endpoint. Attackers who are on the same network as the victim and have access to the target's logged-in session can...