lorawan-stack is an open source LoRaWAN network server. Prior to version 3.24.1, an open redirect exists on the login page of the lorawan stack server, allowing an malicious user to supply a user controlled redirect upon sign in. This issue may allows malicious actors to phish users, as users assume they were redirected to the homepage on login. Version 3.24.1 contains a fix.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
thethingsnetwork lorawan-stack |