Ericsson Lg · Ipecs · CVE-2020-7824
**Name of the Vulnerable Software and Affected Versions**
iPECS (affected versions not specified)
**Description**
The issue is related to insecure permission handling of session cookies in the web-based management interface. An authenticated, remote attacker could exploit this by modifying the `cookie` value, potentially gaining access to sensitive device information, including configuration files.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.