CVE-2018-10252

HIGH Year: 2018
CVSS v3 Score
8.1
High
CVSS v2 Score
6.8
Medium
Weakness Type
CWE-384
View all →

Vulnerability Description

An issue was discovered on Actiontec WCB6200Q before 1.1.10.20a devices. The admin login session cookie is insecurely generated making admin session hijacking possible. When an admin logs in, a session cookie is generated using the time of day rounded to 10ms. Since the web server returns its current time of day in responses, it is possible to step backward through possible session values until a working one is found. Once a working session ID is found, an attacker then has admin control of the device and can add a secondary SSID to create a backdoor to the network.

Related Vulnerabilities

CVE-2013-0507

HIGH
CVSS:8.1(High)

IBM InfoSphere Information Server 8.1, 8.5, 8.7, 9.1 has a Session Fixation Vulnerability

CWE-3842013

CVE-2016-0721

HIGH
CVSS:8.1(High)

Session fixation vulnerability in pcsd in pcs before 0.9.157.

CWE-3842016

CVE-2016-8609

HIGH
CVSS:8.1(High)

It was found that the keycloak before 2.3.0 did not implement authentication flow correctly. An attacker could use this flaw to construct a phishing URL, from which he could hijack the user's session....

CWE-3842016

CVE-2016-9981

HIGH
CVSS:8.1(High)

IBM AppScan Enterprise Edition 9.0 contains an unspecified vulnerability that could allow an attacker to hijack a valid user's session. IBM X-Force ID: 120257

CWE-3842016

CVE-2017-12619

HIGH
CVSS:8.1(High)

Apache Zeppelin prior to 0.7.3 was vulnerable to session fixation which allowed an attacker to hijack a valid user session. Issue was reported by "stone lone".

CWE-3842017

CVE-2017-14263

HIGH
CVSS:8.1(High)

Honeywell NVR devices allow remote attackers to create a user account in the admin group by leveraging access to a guest account to obtain a session ID, and then sending that session ID in a userManag...

CWE-3842017