Unauthenticated Modification of System Settings in Silex SX-500 and GE MobileLink (GEH-500)
CVE-2018-6020 · MEDIUM Severity
AV:N/AC:L/AU:N/C:N/I:P/A:P
In Silex SX-500 all versions and GE MobileLink(GEH-500) version 1.54 and prior, authentication is not verified when making certain POST requests, which may allow attackers to modify system settings.
Learn more about our Mobile App Penetration Testing.