CVE-2024-48849

Name of the Vulnerable Software and Affected Versions: FLXEON versions through <= 9.3.4

Description: The issue is related to a lack of origin validation in WebSockets, which allows unauthorized HTTPS requests due to insufficient session management. This can be exploited by a remote attacker to bypass security restrictions and gain unauthorized access to protected information by sending specially crafted HTTPS requests.

Recommendations: For FLXEON versions through <= 9.3.4, consider disabling WebSockets functionality until a patch is available to prevent unauthorized HTTPS requests. Restrict access to sensitive information and implement additional security measures to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.