Unrated severityNVD Advisory· Published Sep 18, 2024· Updated Sep 18, 2024
Insufficient Session Expiration vulnerability on CIRCUTOR Q-SMT
CVE-2024-8888
Description
An attacker with access to the network where CIRCUTOR Q-SMT is located in its firmware version 1.0.4, could steal the tokens used on the web, since these have no expiration date to access the web application without restrictions. Token theft can originate from different methods such as network captures, locally stored web information, etc.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2= 1.0.4+ 1 more
- (no CPE)range: = 1.0.4
- (no CPE)range: 1.0.4
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.