VYPR
Vendor

WombatDialer

Products
1
CVEs
2
Across products
2
Status
Private

Products

1

Recent CVEs

2
  • CVE-2024-57056MedFeb 18, 2025
    risk 0.35cvss 5.4epss 0.00

    Incorrect cookie session handling in WombatDialer before 25.02 results in the full session identity being written to system logs and could be used by a malicious attacker to impersonate an existing user session.

  • CVE-2024-57055MedFeb 18, 2025
    risk 0.33cvss 5.0epss 0.00

    Server-Side Access Control Bypass vulnerability in WombatDialer before 25.02 could allow unauthorized users to potentially call certain services without the necessary access level. This issue is limited to services used by the client (not the general-use JSON services) and…