Skip to content

Instantly share code, notes, and snippets.

@berkgoksel

berkgoksel/CVE-2018-10285.md

Last active April 22, 2018 16:32
Show Gist options
  • Save berkgoksel/b8e15cb5742540c6987e9d837d6fa8b1 to your computer and use it in GitHub Desktop.
Save berkgoksel/b8e15cb5742540c6987e9d837d6fa8b1 to your computer and use it in GitHub Desktop.
Download ZIP
The Ericsson-LG iPECS NMS A.1Ac web application uses incorrect access control mechanisms
Raw
CVE-2018-10285.md

Suggested description

The Ericsson-LG iPECS NMS A.1Ac web application uses incorrect access control mechanisms. Since the app does not use any sort of session ID, an attacker might bypass authentication.

Vulnerability Type

Incorrect access control

Vendor of Product

Ericsson-LG

Affected Product Code Base

iPECS NMS - A.1Ac

Attack Type

Remote

Reference

https://www.youtube.com/watch?v=ah3MLcAURlc

https://www.ipecs.com/site/lgericsson/menu/158.do?scene=detail&productNo=45

Discoverer

Berk Cem Goksel

CVE-2018-10285

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment