CVE-2015-0929

SerVision HVG Video Gateway Firmware < 2.2.26a77 - Unauthenticated Administrative Access via time.htm Cookie Bypass

Title source: llm
STIX 2.1

Description

time.htm in the web interface on SerVision HVG Video Gateway devices with firmware before 2.2.26a78 allows remote attackers to bypass authentication and obtain administrative access by leveraging a cookie received in an HTTP response.

References (1)

Core 1
Core References
Third Party Advisory, US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/522460

Scores

EPSS 0.0345
EPSS Percentile 87.6%

Details

CWE
CWE-284
Status published
Products (1)
servision/hvg_video_gateway_firmware < 2.2.26a77
Published Feb 03, 2015
Tracked Since Feb 18, 2026