GatesAir Maxiva UAXT and VAXT Transmitters Session Hijacking Vulnerability
Vulnerability
A session hijacking vulnerability has been identified in the web-based management interface of GatesAir Maxiva UAXT and VAXT transmitters. This vulnerability allows unauthenticated attackers to access exposed log files, which may contain sensitive session-related information such as session IDs and authentication success tokens. Exploiting this vulnerability could enable attackers to hijack active sessions, gain unauthorized access, and escalate privileges on the affected devices.
Impact
Exploitation of this vulnerability could lead to session hijacking, unauthorized access, and privilege escalation on the affected transmitters.
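
One way to limit the damage from exposed log files like those described above is to keep session material out of the logs in the first place. The following is an added example, not GatesAir code or part of the original advisory; the key names (`session_id`, `token`, and so on) and the sample log lines are assumptions, since the advisory does not publish the log format.

```python
import logging
import re

# Assumed field names; the advisory does not publish the device's log format.
SENSITIVE_KEYS = ("session_id", "sessionid", "sid", "token", "auth_token")

_PATTERN = re.compile(
    r"(?i)\b(" + "|".join(SENSITIVE_KEYS) + r")(\s*[=:]\s*)([^\s;,&\"']+)"
)


def redact(text: str) -> str:
    """Replace the value of any sensitive key with a fixed marker."""
    return _PATTERN.sub(lambda m: m.group(1) + m.group(2) + "[REDACTED]", text)


class RedactSessionData(logging.Filter):
    """Logging filter that scrubs session material before a record is written."""

    def filter(self, record: logging.LogRecord) -> bool:
        record.msg = redact(record.getMessage())
        record.args = None  # message is already fully formatted
        return True


def find_leaks(lines):
    """Audit helper: return (line_number, key) for each unredacted value found."""
    hits = []
    for n, line in enumerate(lines, 1):
        for m in _PATTERN.finditer(line):
            if m.group(3) != "[REDACTED]":
                hits.append((n, m.group(1).lower()))
    return hits


# Constructed sample lines, not taken from a real transmitter.
SAMPLE = [
    "2024-01-01 10:00:01 login ok user=admin session_id=9f2c1ab44e",
    "2024-01-01 10:00:02 GET /status 200",
    "2024-01-01 10:00:05 auth success token: a1b2c3d4",
]

if __name__ == "__main__":
    print(find_leaks(SAMPLE))
    for line in SAMPLE:
        print(redact(line))
```

`find_leaks` can be run over existing log exports to confirm whether session identifiers are present before and after the filter is attached to a handler.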
