DAEnetIP4 METO Improper Session Management Vulnerability Allowing Session Hijacking

Vulnerability

A session hijacking vulnerability has been identified in DAEnetIP4 METO version 1.25. The issue arises from improper session management in the /login_ok.htm endpoint, allowing attackers to execute a session hijacking attack.

Impact

Exploitation of this vulnerability allows for session hijacking, where an attacker can take over a user's session and potentially gain unauthorized access to their account or data.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

1.3

exploitability

7.4

remediation

0.0

relevance

0.0

threat

0.1

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

1.3

exploitability

7.4

remediation

0.0

relevance

0.0

threat

0.1

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

DAEnetIP4 METO Improper Session Management Vulnerability Allowing Session Hijacking

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating