attacker logged in as guest can escalate his privileges by poisoning the
cookie to become administrator.
Analysis
Analysis and contextual insights are available on OpenCVE Cloud.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Electrolink | Compact DAB Transmitter | unaffected |
|
|||||||||||||||||||||
| Electrolink | Medium DAB Transmitter | unaffected |
|
|||||||||||||||||||||
| Electrolink | High Power DAB Transmitter | unaffected |
|
|||||||||||||||||||||
| Electrolink | Compact FM Transmitter | unaffected |
|
|||||||||||||||||||||
| Electrolink | Modular FM Transmitter | unaffected |
|
|||||||||||||||||||||
| Electrolink | Digital FM Transmitter | unaffected |
|
|||||||||||||||||||||
| Electrolink | VHF TV Transmitter | unaffected |
|
|||||||||||||||||||||
| Electrolink | UHF TV Transmitter | unaffected |
|
No data.
No data.
No data available yet.
Vendor Workaround
Electrolink has not responded to requests to work with CISA to mitigate these vulnerabilities. Users of the affected products are encouraged to contact Electrolink https://electrolink.com/contacts/ for additional information.
Tracking
Sign in to view the affected projects.
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2024-19782 | The application suffers from a privilege escalation vulnerability. An attacker logged in as guest can escalate his privileges by poisoning the cookie to become administrator. |
No history.
Subscriptions
No data.
MITRE
Status: PUBLISHED
Assigner: icscert
Published:
Updated: 2024-08-08T15:41:44.543Z
Reserved: 2024-01-05T22:07:42.986Z
Link: CVE-2024-22186
Vulnrichment
Updated: 2024-08-01T22:35:34.875Z
NVD
Status : Deferred
Published: 2024-04-18T23:15:07.310
Modified: 2026-04-15T00:35:42.020
Link: CVE-2024-22186
Redhat
No data.
OpenCVE Enrichment
No data.