>> REDDOXX Appliance Session Identifier Extraction

USER: deepcore // DATE: 2017-07-25 23:30 // MODIFIED: 2017-07-25

RedTeam Pentesting discovered an information disclosure vulnerability in the REDDOXX appliance software, which allows unauthenticated attackers to extract valid session IDs. Affected versions include build 2032 and 2.0.625.