CVE-2025-27450

Name of the Vulnerable Software and Affected Versions: MEAC300-FNADE4 (affected versions not specified)

Description: The issue concerns the absence of the Secure attribute on multiple cookies provided by the MEAC300-FNADE4. This allows an attacker to trick a user into establishing an unencrypted HTTP connection to the server, enabling the interception of requests containing sensitive cookies, such as the PHPSESSID cookie.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.