6 matches found
CVE-2024-57056
Incorrect cookie session handling in WombatDialer before 25.02 results in the full session identity being written to system logs and could be used by a malicious attacker to impersonate an existing user session...
WombatDialer 安全漏洞
WombatDialer is a powerful predictive dialer for Asterisk PBX from WombatDialer. A security vulnerability exists in WombatDialer versions prior to 25.02 that stems from mishandling of cookie sessions, leading to session identity disclosure...
CVE-2024-57056
WombatDialer prior to 25.02 mishandles cookie sessions, causing the full session identity to be logged in system logs and enabling a malicious actor to impersonate an existing user session. This CVE (CVE-2024-57056) is documented across multiple sources; the impact is described as exposure of ses...
CVE-2024-57056
Incorrect cookie session handling in WombatDialer before 25.02 results in the full session identity being written to system logs and could be used by a malicious attacker to impersonate an existing user session...
CVE-2023-50015
An issue was discovered in Grandstream GXP14XX 1.0.8.9 and GXP16XX 1.0.7.13, allows remote attackers to escalate privileges via incorrect access control using an end-user session-identity token...
CVE-2023-50015
An issue was discovered in Grandstream GXP14XX 1.0.8.9 and GXP16XX 1.0.7.13, allows remote attackers to escalate privileges via incorrect access control using an end-user session-identity token...