CVE-2025-3495

9.8CRITICAL

Delta Electronics COMMGR v1 and v2 uses insufficiently randomized values to generate session IDs (CWE-338). An attacker could easily brute force a session ID and load and execute arbitrary code.

게시됨: 4/16/2025업데이트됨: 4/16/2025
NVD에서 보기MITRE에서 보기

설명

Delta Electronics COMMGR v1 and v2 uses insufficiently randomized values to generate session IDs (CWE-338). An attacker could easily brute force a session ID and load and execute arbitrary code.

AI 분석AI 기반

참조