RSS   Vulnerabilities for 'Away from home'   RSS

2021-08-03
 
CVE-2019-14453

CWE-269
 

 
An issue was discovered in Comelit "App lejos de casa (web)" 2.8.0. It allows privilege escalation via modified domus and logged fields, related to js/bridge.min.js and login.json. For example, an attacker can achieve high privileges (installer or administrator) for the graphical interface via a 1C000000000S value for domus, in conjunction with a zero value for logged.

 


Copyright 2022, cxsecurity.com

 

Back to Top