Privilege Escalation via Cookie Manipulation in SerVision HVG Video Gateway Devices

Privilege Escalation via Cookie Manipulation in SerVision HVG Video Gateway Devices

CVE-2015-1469 · HIGH Severity

AV:N/AC:L/AU:S/C:C/I:C/A:C

time.htm in the web interface on SerVision HVG Video Gateway devices with firmware through 2.2.26a100 allows remote authenticated users to gain privileges by leveraging a cookie received in an HTTP response, a different vulnerability than CVE-2015-0929 and CVE-2015-0930.

Learn more about our Web App Pen Testing.