How severe is CVE-2020-26732?

CVE-2020-26732 has a CVSS v3 score of 7.5 (HIGH).

CVE-2020-26732

Name: gn542vf_boa
Author: skyworth

7.5HIGH

SKYWORTH GN542VF Hardware Version 2.0 and Software Version 2.0.0.16 does not set the Secure flag for the session cookie in an HTTPS session, which makes it easier for remote attackers to capture this

Опубликовано: 1/14/2021Обновлено: 11/21/2024

Описание

SKYWORTH GN542VF Hardware Version 2.0 and Software Version 2.0.0.16 does not set the Secure flag for the session cookie in an HTTPS session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an HTTP session.

ИИ-АнализНа базе ИИ

Затронутые продукты

skyworthgn542vf_boa_firmware

0.94.13

skyworthgn542vf_boa

Ссылки

https://github.com/swzhouu/CVE-2020-26732
Third Party Advisory
https://github.com/swzhouu/CVE-2020-26732
Third Party Advisory