Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Sencore SMP100 SMP Media Platform (firmware versions V4.2.160, V60.1.4, V60.1.29) is vulnerable to session hijacking due to improper session management on the /UserManagement.html endpoint. Attackers who are on the same network as the victim and have access to the target's logged-in session can access the endpoint and add new users without any authentication. This allows attackers to gain unauthorized access to the system and perform malicious activities.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Sencore SMP100 安全漏洞
Vulnerability Description
Sencore SMP100是美国Sencore公司的一个多功能媒体处理平台。 Sencore SMP100 V4.2.160版本、V60.1.4版本和V60.1.29版本存在安全漏洞,该漏洞源于会话管理不当,可能导致会话劫持和未授权访问。
CVSS Information
N/A
Vulnerability Type
N/A