CVE-2020-24551

Summary

IProom MMC+ Server login page does not validate specific parameters properly. Attackers can use the vulnerability to redirect to any malicious site and steal the victim's login credentials.

Affected Software

VendorProductVersion RangeStatus
IProomMMC+ Server0 <= 3.2.2affected

Weaknesses

  • CWE-601: CWE-601 URL Redirection to Untrusted Site ('Open Redirect')

ADP Enrichment

CVE Program Container

Additional References

References