CVE-2018-19878

Description

An issue was discovered on Teltonika RTU950 R_31.04.89 devices. The application allows a user to login without limitation. For every successful login request, the application saves a session. A user can re-login without logging out, causing the application to store the session in memory. Exploitation of this vulnerability will increase memory use and consume free space.

References

https://www.triadsec.com/CVE-2018-19878.pdf

https://www.triadsec.com/

Details

Source: Mitre, NVD

Risk Information

CVSS v2

CVSS v3

EPSS