2 matches found
CVE-2020-26732
SKYWORTH GN542VF Hardware Version 2.0 and Software Version 2.0.0.16 does not set the Secure flag for the session cookie in an HTTPS session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an HTTP session...
CVE-2020-26732
The CVE affects SKYWORTH GN542VF devices: Hardware Version 2.0 and Software Version 2.0.0.16 have session cookies that do not set the Secure flag in HTTPS, enabling potential cookie capture over HTTP sessions. Related entries also mention Boa version 0.94.13. The impact is confidentiality loss if...