CVE-2018-25159 | Epross AVCON6 Systems Management Platform Requests login.action redirect unauthorized error injection can degrade hardware redundancy (Exploit 47379)
A vulnerability marked as very critical has been reported in Epross AVCON6 Systems Management Platform. This affects the function login.action of the component Requests Handler. The manipulation of the argument redirect leads to unauthorized error injection can degrade hardware redundancy.
This vulnerability is documented as CVE-2018-25159. The attack can be initiated remotely. Additionally, an exploit exists.