CVE-2022-25510 · Vexday

CVE-2022-25510

EPSS 1.0%

FreeTAKServer 1.9.8 contains a hardcoded Flask secret key which allows attackers to create crafted cookies to bypass authentication or escalate privileges.

Affected products

n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/FreeTAKTeam/FreeTakServer/issues/292