7 matches found
DAEnetIP4 METO v1.25 - Session Hijacking
DAEnetIP4 METO v1.25 contains improper session management in the /loginok.htm endpoint, letting attackers hijack sessions, exploit requires attacker to control or intercept session tokens. id: CVE-2025-28242 info: name: DAEnetIP4 METO v1.25 - Session Hijacking author: 0xAkoko severity: high...
CVE-2025-28242
Improper session management in the /loginok.htm endpoint of DAEnetIP4 METO v1.25 allows attackers to execute a session hijacking attack...
CVE-2025-28242
Improper session management in the /loginok.htm endpoint of DAEnetIP4 METO v1.25 allows attackers to execute a session hijacking attack...
CVE-2025-28242
creationtimestamp| type| source ---|---|--- 2025-04-18 17:59:36+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/12511 2025-04-18 19:35:01+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3ln4dkb6h2ni2 2025-04-18...
CVE-2025-28242
Improper session management in the /loginok.htm endpoint of DAEnetIP4 METO v1.25 allows attackers to execute a session hijacking attack...
CVE-2025-28242
DAEnetIP4 METO v1.25 is affected by improper session management in the /login_ok.htm endpoint, enabling session hijacking. The issue, documented in multiple sources (CVE-2025-28242 and the DAEnetIP4 METO/Nuclei template), indicates attackers can hijack user sessions if they control or intercept s...
CVE-2025-28242
Improper session management in the /loginok.htm endpoint of DAEnetIP4 METO v1.25 allows attackers to execute a session hijacking attack...