CVE-2022-25510

FreeTAKServer 1.9.8 contains a hardcoded Flask secret key which allows attackers to create crafted cookies to bypass authentication or escalate privileges.
References
Link Resource
https://github.com/FreeTAKTeam/FreeTakServer/issues/292 Exploit Issue Tracking
Configurations

Configuration 1

cpe:2.3:a:freetakserver-ui_project:freetakserver-ui:1.9.8:*:*:*:*:*:*:*

Information

Published : 2022-03-11 12:15

Updated : 2022-03-22 12:48


NVD link : CVE-2022-25510

Mitre link : CVE-2022-25510

Products Affected
No products.
CWE