PT-2026-20544 · Googtech · Sms-Ssm
Jszdk
·
Publicado
2026-02-18
·
Atualizado
2026-02-19
·
CVE-2026-2676
CVSS v2.0
6.5
Média
| Vetor | AV:N/AC:L/Au:S/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
GoogTech sms-ssm versions prior to e8534c766fd13f5f94c01dab475d75f286918a8d
Description
A weakness exists due to improper authorization. This issue is related to the
preHandle function within the LoginInterceptor.java file of the API Interface component. The attack can be performed remotely. The exploit has been made publicly available.Recommendations
Update to a version prior to e8534c766fd13f5f94c01dab475d75f286918a8d.
Exploit
Correção
Improper Authorization
Incorrect Privilege Assignment
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Sms-Ssm