CVE-2020-29667
Published
CVSS v3
9.8
CRITICAL
CVSS v2
10
HIGH
Affected
1
PROJECT
Description
In Lan ATMService M3 ATM Monitoring System 6.1.0, a remote attacker able to use a default cookie value, such as PHPSESSID=LANIT-IMANAGER, can achieve control over the system because of Insufficient Session Expiration.
GitHub