[SBA-ADV-20220120-01] MOKOSmart MKGW1 Gateway Improper Session Management

Read Time:21 Second

Posted by SBA – Advisory via Fulldisclosure on Dec 19

# MOKOSmart MKGW1 Gateway Improper Session Management #

Link:
https://github.com/sbaresearch/advisories/tree/public/2022/SBA-ADV-20220120-01_MOKOSmart_MKGW1_Gateway_Improper_Session_Management

## Vulnerability Overview ##

MOKOSmart MKGW1 Gateway devices with firmware version 1.1.1 or below do
not provide an adequate session management for the administrative web
interface. This allows adjacent attackers with access to the management
network to…

ZDI-CAN-25373: Microsoft

A CVSS score 7.0 AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Peter Girnus - Trend Micro Zero Day Initiative' was reported to...

September 20, 2024

DSA-5774-1 ruby-saml – security update

It was discovered that ruby-saml, a SAML library implementing the client side of a SAML authorization, does not properly verify...

September 20, 2024

USN-6968-2: PostgreSQL vulnerability

USN-6968-1 fixed CVE-2024-7348 in PostgreSQL-12, PostgreSQL-14, and PostgreSQL-16 This update provides the corresponding updates for PostgreSQL-9.5 in Ubuntu 16.04 LTS....

September 19, 2024