3 matches found
CVE-2022-4098
Multiple Wiesemann products of the ComServer Series are prone to an authentication bypass through IP spoofing. After a user logged in to the WBM of the Com-Server an unauthenticated attacker in the same subnet can obtain the session ID and through IP spoofing change arbitrary settings by crafting...
CVE-2022-4098
CVE-2022-4098 affects Wiesemann & Theis ComServer Series. The issue is an authentication bypass via IP spoofing: after a user logs in to the WBM, an unauthenticated attacker on the same subnet can obtain the session ID and, by crafting modified HTTP GET requests, change settings, potentially taki...
CVE-2022-4098 Wiesemann & Theis: Multiple products prone to missing authentication through spoofing
Multiple Wiesemann&Theis products of the ComServer Series are prone to an authentication bypass through IP spoofing. After a user logged in to the WBM of the Com-Server an unauthenticated attacker in the same subnet can obtain the session ID and through IP spoofing change arbitrary settings by...