DMA Softlab Radius Manager 4.4.0 assigns the same session cookie to every admin session. The cookie is valid while the admin is logged in and is only temporarily invalid while the admin is logged out. In other words, the cookie is functionally equivalent to a static password, and thus provides permanent access if stolen.
References
| Link | Resource |
|---|---|
| http://packetstormsecurity.com/files/164154/DMA-Softlab-Radius-Manager-4.4.0-Session-Management-Cross-Site-Scripting.html | Exploit, Third Party Advisory, VDB Entry |
| https://github.com/1d8/publications/tree/main/cve-2021-29012 | Exploit, Third Party Advisory |
| https://sourceforge.net/projects/radiusmanager/ | Product, Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2021-04-02T12:51:29
Updated: 2021-09-14T17:06:11
Reserved: 2021-03-22T00:00:00
Link: CVE-2021-29012
NVD Information
Status : Analyzed
Published: 2021-04-02T13:15:11.873
Modified: 2022-07-12T17:42:04.277
Link: CVE-2021-29012
Redhat Information
No data.
CWE