PT-2024-27046 · Unknown · Wvp Gb28181 Pro
Guipi01
·
Published
2024-06-12
·
Updated
2025-06-13
·
CVE-2024-36523
CVSS v3.1
6.5
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Wvp GB28181 Pro version 2.0
Description
An access control issue allows users to continue accessing information in the application after deleting their own or administrator accounts, provided they do not log out of their deleted accounts.
Recommendations
For Wvp GB28181 Pro version 2.0, consider implementing a mechanism to immediately invalidate session tokens or log out users when their accounts are deleted, to prevent unauthorized access to information.
Exploit
Fix
Insufficient Session Expiration
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Wvp Gb28181 Pro