CVE-2020-8234

CVE-2020-8234

Vendor N/A
Product EdgeSwitch firmware v1.9.0 and prior
Weakness CWE-613 · Insufficient session expiration
Published August 21, 2020
Last update August 4, 2024

CVSS base score

What the vulnerability does

01Description

A vulnerability exists in The EdgeMax EdgeSwitch firmware <v1.9.1 where the EdgeSwitch legacy web interface SIDSSL cookie for admin can be guessed, enabling the attacker to obtain high privileges and get a root shell by a Command injection.

Key dates

02Disclosure timeline

August 21, 2020 CVE published
August 4, 2024 Record updated

Related vulnerabilities

04Related CVE