Description
Insecure Permissions vulnerability in Cosy+ devices running a firmware 21.x below 21.2s10 or a firmware 22.x below 22.1s3 are susceptible to leaking information through cookies. This is fixed in version 21.2s10 and 22.1s3
Published: 2024-08-02
Score: 5.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Remediation

No vendor fix or workaround currently provided.

Additional remediation guidance may be available on OpenCVE Cloud.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 04 Nov 2025 17:30:00 +0000

Type Values Removed Values Added
References

Tue, 03 Sep 2024 19:45:00 +0000

Type Values Removed Values Added
First Time appeared Hms-networks ewon Cosy\+ 4g Apac
Hms-networks ewon Cosy\+ 4g Eu
Hms-networks ewon Cosy\+ 4g Jp
Hms-networks ewon Cosy\+ 4g Na
Hms-networks ewon Cosy\+ Ethernet
Hms-networks ewon Cosy\+ Firmware
Hms-networks ewon Cosy\+ Wifi
Weaknesses CWE-312
CPEs cpe:2.3:h:hms-networks:ewon_cosy\+_4g_apac:-:*:*:*:*:*:*:*
cpe:2.3:h:hms-networks:ewon_cosy\+_4g_eu:-:*:*:*:*:*:*:*
cpe:2.3:h:hms-networks:ewon_cosy\+_4g_jp:-:*:*:*:*:*:*:*
cpe:2.3:h:hms-networks:ewon_cosy\+_4g_na:-:*:*:*:*:*:*:*
cpe:2.3:h:hms-networks:ewon_cosy\+_ethernet:-:*:*:*:*:*:*:*
cpe:2.3:h:hms-networks:ewon_cosy\+_wifi:-:*:*:*:*:*:*:*
cpe:2.3:o:hms-networks:ewon_cosy\+_firmware:*:*:*:*:*:*:*:*
Vendors & Products Hms-networks ewon Cosy\+ 4g Apac
Hms-networks ewon Cosy\+ 4g Eu
Hms-networks ewon Cosy\+ 4g Jp
Hms-networks ewon Cosy\+ 4g Na
Hms-networks ewon Cosy\+ Ethernet
Hms-networks ewon Cosy\+ Firmware
Hms-networks ewon Cosy\+ Wifi

Mon, 12 Aug 2024 15:30:00 +0000

Type Values Removed Values Added
References

Wed, 07 Aug 2024 17:30:00 +0000

Type Values Removed Values Added
First Time appeared Hms-networks
Hms-networks ewon Cosy Firmware
Weaknesses CWE-281
CPEs cpe:2.3:o:hms-networks:ewon_cosy_firmware:*:*:*:*:*:*:*:*
Vendors & Products Hms-networks
Hms-networks ewon Cosy Firmware
Metrics cvssV3_1

{'score': 5.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Subscriptions

Hms-networks Ewon Cosy\+ 4g Apac Ewon Cosy\+ 4g Eu Ewon Cosy\+ 4g Jp Ewon Cosy\+ 4g Na Ewon Cosy\+ Ethernet Ewon Cosy\+ Firmware Ewon Cosy\+ Wifi Ewon Cosy Firmware
cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2025-11-04T16:12:14.584Z

Reserved: 2024-04-28T00:00:00.000Z

Link: CVE-2024-33892

cve-icon Vulnrichment

Updated: 2024-08-07T16:21:56.975Z

cve-icon NVD

Status : Modified

Published: 2024-08-02T18:16:18.637

Modified: 2025-11-04T17:15:52.710

Link: CVE-2024-33892

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses