Unauthenticated Modification of System Settings in Silex SX-500 and GE MobileLink (GEH-500)

Unauthenticated Modification of System Settings in Silex SX-500 and GE MobileLink (GEH-500)

CVE-2018-6020 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:P

In Silex SX-500 all versions and GE MobileLink(GEH-500) version 1.54 and prior, authentication is not verified when making certain POST requests, which may allow attackers to modify system settings.

Learn more about our Mobile App Penetration Testing.