29Oca
CVE-2024-1006 | Shanxi Diankeyun Technology NODERP up to 6.0.2 Cookie common.php Nod_User_Id/Nod_User_Token improper authentication
A vulnerability was found in Shanxi Diankeyun Technology NODERP up to 6.0.2 and classified as critical. This issue affects some unknown processing of the file application/index/common.php of the component Cookie Handler. The manipulation of the argument Nod_User_Id/Nod_User_Token leads to improper authentication. The identification of this vulnerability is CVE-2024-1006. The attack may be initiated remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.