Unauthorized Access Vulnerability in Matrix Door Controller Cosec Vega FAXQ
CVE-2024-10381

9.8CRITICAL

Key Information:

Vendor: Matrix Comsec
Status: Matrix Door Controller Cosec Vega Faxq
Vendor: CVE Published:; 25 October 2024

🔔 Create Matrix Comsec Vulnerability Alert

What is CVE-2024-10381?

The Matrix Door Controller Cosec Vega FAXQ is susceptible to a vulnerability stemming from inadequate session management within its web-based management interface. This flaw allows a remote attacker to craft a specific HTTP request, potentially enabling them to gain unauthorized access to the device. If exploited, this vulnerability could provide the attacker with complete control over the compromised device, facilitating further malicious actions.

Affected Version(s)

Matrix Door Controller Cosec Vega FAXQ <V2R17

References

https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOT...

third-party-advisory

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 25, 2024
Vulnerability Reserved
Oct 25, 2024

Credit

This vulnerability is reported by Arko Dhar and Souvik Kandar from Redinent Innovations Engineering & Research Team, Karnataka, India.