CVE-2024-49705

Name of the Vulnerable Software and Affected Versions: SoftCOM iKSORIS Internet Starter versions prior to 79.0

Description: The issue is related to client-side Denial of Service (DoS) attacks. An attacker can trick a user into using a URL with a d parameter set to an unhandled value, causing the server to return an error message and preventing subsequent requests from being accepted. This issue persists until the session expires or the user manually deletes cookies. A similar effect can be achieved when a user attempts to change the platform language to an unimplemented one.

Recommendations: For versions prior to 79.0, update to version 79.0 to resolve the issue. As a temporary workaround, consider clearing session cookies to restore functionality. Avoid using URLs with unhandled d parameter values and refrain from attempting to change the platform language to unimplemented options until the update is applied.