Lucene search
K

5 matches found

NVD
NVD
added 2020/09/01 6:15 p.m.29 views

CVE-2020-24034

Sagemcom F@ST 5280 routers using firmware version 1.150.61 have insecure deserialization that allows any authenticated user to perform a privilege escalation to any other user. By making a request with valid sessid, nonce, and ha1 values inside of the serialized session cookie, an attacker may...

9CVSS8.9AI score0.03672EPSS
Exploits3References4
Cvelist
Cvelist
added 2020/09/01 5:20 p.m.25 views

CVE-2020-24034

Sagemcom F@ST 5280 routers using firmware version 1.150.61 have insecure deserialization that allows any authenticated user to perform a privilege escalation to any other user. By making a request with valid sessid, nonce, and ha1 values inside of the serialized session cookie, an attacker may...

8.9AI score0.03672EPSS
Exploits3References4
CVE
CVE
added 2020/09/01 5:20 p.m.79 views

CVE-2020-24034

CVE-2020-24034 affects Sagemcom F@ST 5280 routers running firmware version 1.150.61. The issue is an insecure deserialization in the authenticated flow that lets a logged-in user alter a serialized session cookie (sess_id, nonce, ha1) to assume another user’s role, including an internal account w...

9CVSS8.8AI score0.03672EPSS
Exploits3References4Affected Software1
0day.today
0day.today
added 2020/09/01 12:0 a.m.57 views

Sagemcom F@ST 5280 Privilege Escalation Vulnerability

Sagemcom F@ST 5280 routers using firmware version 1.150.61, and possibly others, have an insecure deserialization vulnerability that allows any authenticated user to perform a privilege escalation to any other user. By making a request with valid sessid, nonce, and ha1 values inside of the...

9CVSS8.8AI score0.03672EPSS
Exploits3
Packet Storm
Packet Storm
added 2020/09/01 12:0 a.m.309 views

Sagemcom F@ST 5280 Privilege Escalation

privilege escalation Date: 08-31-2020 Exploit Author: Ryan Delaney Author Contact: ryan.delaney owasp org Author LinkedIn: https://www.linkedin.com/in/infosecrd/ Vendor Homepage: https://sagemcom.com/en Software Link: N/A F@ST 5280 firmware not published Version: F@ST 5280 router, F/W 1.150.61,...

0.7AI score0.03672EPSS
Exploits3
Rows per page
Query Builder