High severity7.5NVD Advisory· Published Jan 6, 2026· Updated Apr 15, 2026
CVE-2020-36914
CVE-2020-36914
Description
QiHang Media Web Digital Signage 3.0.9 contains a sensitive information disclosure vulnerability that allows remote attackers to intercept user authentication credentials through cleartext cookie transmission. Attackers can perform man-in-the-middle attacks to capture and potentially misuse stored authentication credentials transmitted in an insecure manner.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: = 3.0.9
Patches
Vulnerability mechanics
References
6- cxsecurity.com/issue/WLB-2020080059nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/186770nvd
- packetstormsecurity.com/files/158858nvd
- www.howfor.comnvd
- www.vulncheck.com/advisories/qihang-media-web-digital-signage-cookie-authentication-credentials-disclosurenvd
- www.zeroscience.mk/en/vulnerabilities/ZSL-2020-5578.phpnvd
News mentions
0No linked articles in our index yet.