The device allows an unauthenticated malicious user to bypass authentication and modify the cookie to reveal hidden pages that allows more critical operations to the transmitter.