## https://sploitus.com/exploit?id=PACKETSTORM:171844
Sielco Radio Link 2.06 'id' Cookie Brute Force Session Hijacking  
  
  
Vendor: Sielco S.r.l  
Product web page: https://www.sielco.org  
Affected version: 2.06 (RTX19)  
2.05 (RTX19)  
2.00 (EXC19)  
1.60 (RTX19)  
1.59 (RTX19)  
1.55 (EXC19)  
  
Summary: Sielco develops and produces radio links for all  
transmission and reception needs, thanks to innovative units  
and excellent performances, accompanied by a high reliability  
and low consumption.  
  
Desc: The Cookie session ID 'id' is of an insufficient length and  
can be exploited by brute force, which may allow a remote attacker  
to obtain a valid session, bypass authentication and manipulate  
the transmitter.  
  
Tested on: lwIP/2.1.1  
Web/2.9.3  
  
  
Vulnerability discovered by Gjoko 'LiquidWorm' Krstic  
@zeroscience  
  
  
Advisory ID: ZSL-2023-5762  
Advisory URL: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2023-5762.php  
  
  
26.01.2023  
  
--  
  
  
# Session values (len=5)  
  
Cookie: id=42331  
Cookie: id=28903  
Cookie: id=+5581  
Cookie: id=+9002  
...  
...
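
Added example, not part of the original advisory: a defender-side estimate of how much entropy the 5-character 'id' format shown above can carry, next to a CSPRNG-generated replacement. The 64-bit floor (taken from OWASP session management guidance), the class-widening heuristic and all function names are assumptions of this example.

```python
import math
import secrets
import string

# Session values quoted in the advisory (len=5).
OBSERVED = ["42331", "28903", "+5581", "+9002"]
MIN_BITS = 64  # assumed floor, per OWASP session management guidance


def position_alphabets(samples):
    """Characters possible at each position. Any digit or letter seen is
    widened to its whole class so four samples do not understate the space."""
    classes = (string.digits, string.ascii_lowercase, string.ascii_uppercase)
    length = len(samples[0])
    if any(len(s) != length for s in samples):
        raise ValueError("samples must share one length")
    alphabets = [set() for _ in range(length)]
    for sample in samples:
        for i, ch in enumerate(sample):
            widened = next((c for c in classes if ch in c), ch)
            alphabets[i].update(widened)
    return alphabets


def keyspace(samples):
    """Upper bound on the number of distinct IDs in the observed format."""
    return math.prod(len(a) for a in position_alphabets(samples))


def entropy_bits(space):
    """Bits of entropy if every value in the space were equally likely."""
    return math.log2(space)


def new_session_id(nbytes=16):
    """Hardened replacement: 128 bits from the OS CSPRNG, URL-safe encoded."""
    return secrets.token_urlsafe(nbytes)


if __name__ == "__main__":
    space = keyspace(OBSERVED)
    bits = entropy_bits(space)
    print(f"observed format: {space} values, {bits:.1f} bits (floor {MIN_BITS})")
    print("passes floor:", bits >= MIN_BITS)
    print("replacement :", new_session_id(), "(128 bits)")
```

The figure is an upper bound: it assumes the device draws IDs uniformly from the whole format, so the real entropy can only be equal or lower.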