Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A session hijacking vulnerability exists in the web-based management interface of GatesAir Maxiva UAXT, VAXT transmitters. Unauthenticated attackers can access exposed log files (/logs/debug/xteLog*), potentially revealing sensitive session-related information such as session IDs (sess_id) and authentication success tokens (user_check_password OK). Exploiting this flaw could allow attackers to hijack active sessions, gain unauthorized access, and escalate privileges on affected devices.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
GatesAir Maxiva 安全漏洞
Vulnerability Description
GatesAir Maxiva是美国GatesAir公司的一系列发射器。 GatesAir Maxiva存在安全漏洞,该漏洞源于Web管理界面中存在会话劫持漏洞。未经身份验证的攻击者可以访问暴露的日志文件。
CVSS Information
N/A
Vulnerability Type
N/A