PT-2024-22398 · Sipwise · Sipwise C5 Ngcp Dashboard
Adrian Tuchel
·
Published
2024-04-10
·
Updated
2025-06-17
·
CVE-2024-28344
CVSS v3.1
3.1
Low
| Vector | AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L |
Name of the Vulnerable Software and Affected Versions
Sipwise C5 NGCP Dashboard versions prior to mr11.5.1
Description
An Open Redirect issue was found, allowing attackers to control the
back parameter in the URL through a double encoded URL. This enables attackers to redirect users to unintended locations.Recommendations
For versions prior to mr11.5.1, update to version mr11.5.1 or later to resolve the issue. As a temporary workaround, consider restricting user access to the vulnerable URL parameter
back to minimize the risk of exploitation.Exploit
Fix
Open Redirect
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Sipwise C5 Ngcp Dashboard