Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com

CVE-2023-42769

Description

The cookie session ID is of insufficient length and can be exploited by brute force, which may allow a remote attacker to obtain a valid session, bypass authentication, and manipulate the transmitter.

POC

Reference

- https://www.cisa.gov/news-events/ics-advisories/icsa-23-299-08

- https://www.sielco.org/en/contacts

Github

No PoCs found on GitHub currently.