PT-2020-15729 · Iproom · Iproom Mmc+ Server

Sam

Published

2020-10-14

Updated

2020-10-26

CVE-2020-24551

CVSS v3.1

6.1

Medium

Vector

AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions IProom MMC+ Server (affected versions not specified)

Description The issue concerns the IProom MMC+ Server login page, which fails to properly validate specific parameters. This allows attackers to redirect victims to malicious sites, potentially leading to the theft of login credentials.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Open Redirect

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-601

Related Identifiers

CVE-2020-24551

Affected Products

Iproom Mmc+ Server

PT-2020-15729 · Iproom · Iproom Mmc+ Server

CVE-2020-24551

Weakness Enumeration

Related Identifiers

Affected Products

References · 3