CVE-2018-9080
Iomega and LenovoEMC NAS Web UI Vulnerabilities
For some Iomega, Lenovo, LenovoEMC NAS devices versions 4.1.402.34662 and earlier, by setting the Iomega cookie to a known value before logging into the NAS's web application, the NAS will not provide the user a new cookie value. This allows an attacker who knows the cookie's value to compromise the user's session.
Produtos afetados
Lenovo Group LTD · EZ Media and Backup CenterLenovo Group LTD · Iomega StorCenterLenovo Group LTD · LenovoEMCQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →