Multiple Martem Products Multiple Security Vulnerabilities
BID:104286
CVE-2018-10603 | CVE-2018-10607 | CVE-2018-10609 |Info
Multiple Martem Products Multiple Security Vulnerabilities
| Bugtraq ID: | 104286 |
| Class: | Input Validation Error |
| CVE: |
CVE-2018-10603 CVE-2018-10607 CVE-2018-10609 |
| Remote: | Yes |
| Local: | No |
| Published: | May 22 2018 12:00AM |
| Updated: | May 22 2018 12:00AM |
| Credit: | Bernhards Blumbergs and Arturs Danilevics of CERT.LV, Latvia |
| Vulnerable: |
Martem GWM 2018.04.18-linux_4-0 Martem GW6 2018.04.18-linux_4-0 |
| Not Vulnerable: | |
Discussion
Multiple Martem Products Multiple Security Vulnerabilities
Multiple Martem Products are prone to the following security vulnerabilities.
1. An security bypass vulnerability.
2. A denial-of-service vulnerability.
3. An cross-site scripting vulnerability.
Attackers can exploit these issues to bypass certain security restrictions to perform unauthorized actions, steal cookie-based authentication credentials, to execute arbitrary scripts in the context of the web browser. Failed exploit attempts will result in a denial-of-service condition.
The following products are affected:
GW6 Version 2018.04.18-linux_4-01-601cb47 and prior.
GWM Version 2018.04.18-linux_4-01-601cb47 and prior.
Multiple Martem Products are prone to the following security vulnerabilities.
1. An security bypass vulnerability.
2. A denial-of-service vulnerability.
3. An cross-site scripting vulnerability.
Attackers can exploit these issues to bypass certain security restrictions to perform unauthorized actions, steal cookie-based authentication credentials, to execute arbitrary scripts in the context of the web browser. Failed exploit attempts will result in a denial-of-service condition.
The following products are affected:
GW6 Version 2018.04.18-linux_4-01-601cb47 and prior.
GWM Version 2018.04.18-linux_4-01-601cb47 and prior.
References
Multiple Martem Products Multiple Security Vulnerabilities
References:
References: