Vulnerabilities > Fantec

DATE	CVE	VULNERABILITY TITLE	RISK
2022-04-15	CVE-2022-28113	Reliance on Cookies without Validation and Integrity Checking vulnerability in Fantec Mwid25-Ds Firmware 2.000.030 An issue in upload.csp of FANTEC GmbH MWiD25-DS Firmware v2.000.030 allows attackers to write files and reset the user passwords without having a valid session cookie. network low complexity fantec CWE-565	7.2
2022-04-06	CVE-2022-26591	Session Fixation vulnerability in Fantec Mwid25-Ds Firmware 2.000.030 FANTEC GmbH MWiD25-DS Firmware v2.000.030 allows unauthenticated attackers to access and download arbitrary files via a crafted GET request. network low complexity fantec CWE-384	7.5

Vulnerabilities > Fantec {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Fantec"}]}