5 matches found
CVE-2023-0897
Sielco PolyEco1000 is vulnerable to a session hijack vulnerability due to the cookie being vulnerable to a brute force attack, lack of SSL, and the session being visible in requests...
CVE-2023-0897 Session FIxation in Sielco PolyEco1000
Sielco PolyEco1000 is vulnerable to a session hijack vulnerability due to the cookie being vulnerable to a brute force attack, lack of SSL, and the session being visible in requests...
CVE-2023-0897 Session FIxation in Sielco PolyEco1000
Sielco PolyEco1000 is vulnerable to a session hijack vulnerability due to the cookie being vulnerable to a brute force attack, lack of SSL, and the session being visible in requests...
CVE-2023-0897
CVE-2023-0897 affects Sielco PolyEco1000 family (PolyEco1000 CPU:2.0.6/1.9.4/1.9.3; PolyEco500 1.7.0; PolyEco300 2.0.2/2.0.0) with a session hijack/session fixation risk due to cookies susceptible to brute-force, no SSL, and visible session data in requests. NVD CVSSv3.1 base score 9.8 (CRITICAL)...
Sielco PolyEco FM Transmitter
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable remotely/low attack complexity/public exploits are available Vendor : Sielco Equipment : PolyEco1000 Vulnerabilities : Session Fixation, Improper Restriction of Excessive Authentication Attempts, Improper Access Control 2. RISK...