PT-2021-18025 · Dma Softlab · Dma Softlab Radius Manager

Published: 2021-04-02 · Updated: 2022-07-12 · CVE-2021-29012

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: DMA Softlab Radius Manager version 4.4.0
Description: Every admin session is issued the same session cookie, so a stolen cookie grants permanent access: it is functionally equivalent to a static password. The cookie is rejected while the admin is logged out, but the same value becomes valid again as soon as the admin logs in.
Recommendations: For DMA Softlab Radius Manager version 4.4.0, consider implementing a unique session cookie for each admin session to prevent unauthorized access. As a temporary workaround, restrict access to sensitive areas of the application when an admin is logged out to minimize the risk of exploitation.
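The following added example (constructed for this entry, not Radius Manager's own code; class and cookie names are assumptions) contrasts the weak pattern the description reports, a fixed cookie per admin account that logout merely deactivates, with the recommended fix, a fresh random session token per login that logout deletes. The helper simulates the scenario in the description: cookie captured, admin logs out, admin logs in again.

```python
"""Toy session stores contrasting a fixed per-account cookie with a
per-login random token. Constructed illustration, not product code."""
import hmac
import secrets
from dataclasses import dataclass, field


@dataclass
class StaticCookieStore:
    """Weak pattern: one fixed cookie per account, reused on every login.
    Logout only removes it from the active set; login adds it back."""
    # Constructed placeholder value standing in for a static per-account cookie.
    account_cookies: dict = field(
        default_factory=lambda: {"admin": "static-admin-cookie-placeholder"})
    active: set = field(default_factory=set)

    def login(self, user: str) -> str:
        cookie = self.account_cookies[user]
        self.active.add(cookie)
        return cookie

    def logout(self, cookie: str) -> None:
        self.active.discard(cookie)

    def is_valid(self, cookie: str) -> bool:
        return cookie in self.active


@dataclass
class PerLoginCookieStore:
    """Hardened pattern: a new CSPRNG token per login; logout deletes it."""
    sessions: dict = field(default_factory=dict)  # token -> user

    def login(self, user: str) -> str:
        token = secrets.token_urlsafe(32)  # 256 bits of entropy
        self.sessions[token] = user
        return token

    def logout(self, token: str) -> None:
        self.sessions.pop(token, None)

    def is_valid(self, token: str) -> bool:
        # Constant-time comparison against each stored token avoids timing leaks.
        return any(hmac.compare_digest(token, t) for t in self.sessions)


def stolen_cookie_works_after_relogin(store) -> bool:
    """Admin logs in, the cookie is captured, admin logs out, admin logs in
    again. Returns whether the captured cookie is still accepted."""
    captured = store.login("admin")
    store.logout(captured)
    assert not store.is_valid(captured)  # both stores reject it while logged out
    store.login("admin")
    return store.is_valid(captured)


if __name__ == "__main__":
    print("static cookie:", stolen_cookie_works_after_relogin(StaticCookieStore()))
    print("per-login token:", stolen_cookie_works_after_relogin(PerLoginCookieStore()))
```

The per-login store also gives a simple detection hook: any cookie value that keeps reappearing across logins for the same account is, by construction, impossible there, whereas under the static scheme it is the expected behaviour and so cannot be distinguished from theft.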

Exploit · Fix

Weakness Enumeration: Improper Authentication

Related Identifiers: CVE-2021-29012

Affected Products: Dma Softlab Radius Manager