PT-2023-13020 · Landis+Gyr · Landis+Gyr E850

Aarón Flecha Menéndez +2 · Published 2023-02-01 · Updated 2023-02-10 · CVE-2022-3083

CVSS v3.1: 3.9 (Low)

Vector: AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L

Name of the Vulnerable Software and Affected Versions: Landis+Gyr E850 (ZMQ200), all versions

Description: The device's web application navigation depends on the value of the session cookie. If an attacker changes the session cookie values, the web application could become inaccessible to the user. This issue is related to the reliance on cookies without validation and integrity checking.

Recommendations: For all versions, consider implementing cookie validation and integrity checks to prevent unauthorized modifications. As a temporary workaround, restrict access to the web application to minimize the risk of exploitation.
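
One way to implement the cookie validation and integrity check recommended above, as an added example (not Landis+Gyr code): the server signs the session state with HMAC-SHA256 and, when a cookie has been modified, issues a fresh session instead of navigating on the tampered value. The key name, cookie layout and page names are assumptions.

```python
import base64, hashlib, hmac, json, secrets

# Assumption: a secret held only by the server (hypothetical name).
SERVER_KEY = secrets.token_bytes(32)

def b64e(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).decode().rstrip("=")

def b64d(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def issue_cookie(session: dict, key: bytes = SERVER_KEY) -> str:
    """Serialize the session state and append an HMAC-SHA256 tag over it."""
    payload = json.dumps(session, sort_keys=True, separators=(",", ":")).encode()
    tag = hmac.new(key, payload, hashlib.sha256).digest()
    return f"{b64e(payload)}.{b64e(tag)}"

def read_cookie(cookie: str, key: bytes = SERVER_KEY):
    """Return the session dict, or None if the cookie is malformed or modified."""
    try:
        payload_b64, tag_b64 = cookie.split(".")
        payload, tag = b64d(payload_b64), b64d(tag_b64)
    except (ValueError, TypeError):
        return None
    expected = hmac.new(key, payload, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):  # constant-time comparison
        return None
    try:
        session = json.loads(payload)
    except ValueError:
        return None
    return session if isinstance(session, dict) else None

def handle_request(cookie):
    """Navigate on validated state only; a bad cookie gets a fresh session."""
    session = read_cookie(cookie) if cookie else None
    if session is None:
        session = {"page": "login", "user": None}  # constructed default state
        return session["page"], issue_cookie(session)
    return session["page"], cookie
```
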

Related Identifiers

CVE-2022-3083

Affected Products

Landis+Gyr E850