Session Hijacking Vulnerability in Red-M 1050 Bluetooth Access Point Web Management Server

Session Hijacking Vulnerability in Red-M 1050 Bluetooth Access Point Web Management Server

CVE-2002-0396 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

The web management server for Red-M 1050 (Bluetooth Access Point) does not use session-based credentials to authenticate users, which allows attackers to connect to the server from the same IP address as a user who has already established a session.

Learn more about our Web App Pen Testing.