HTTP Location Header Bypass Vulnerability in Exemys Telemetry Web Server

HTTP Location Header Bypass Vulnerability in Exemys Telemetry Web Server

CVE-2015-7910 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:N/A:N

Exemys Telemetry Web Server relies on an HTTP Location header to indicate that a client is unauthorized, which allows remote attackers to bypass intended access restrictions by disregarding this header and processing the response body.

Learn more about our Web App Pen Testing.