2 matches found
CVE-2009-2367
creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/admin/http/iomegastorcenterprosessionid.rb 2025-02-06 03:13:39+00:00| seen| MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd 2025-02-23 04:08:38+00:00...
CVE-2009-2367
The CVE-2009-2367 entry concerns the Iomega StorCenter Pro NAS web interface (cgi-bin/makecgi-pro) generating predictable session IDs. The Connected documents confirm exploitability via brute-force guessing of the session_id parameter to hijack active sessions and gain administrative access. A Me...