Skip to main content

Pancake

1 CVEs product

Monthly

CVE-2020-24876 CRITICAL Act Now

Use of a hard-coded cryptographic key in Pancake versions < 4.13.29 allows an attacker to forge session cookies, which may lead to remote privilege escalation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Authentication Bypass Pancake
NVD
CVSS 3.1
9.8
EPSS
1.7%
EPSS 2% CVSS 9.8
CRITICAL Act Now

Use of a hard-coded cryptographic key in Pancake versions < 4.13.29 allows an attacker to forge session cookies, which may lead to remote privilege escalation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Authentication Bypass Pancake
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy