Security Advisory
CVE-2020-36902
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
UBICOD Medivision Digital Signage 1.5.1 contains an authorization bypass vulnerability that allows normal users to escalate privileges by manipulating the ft[grp] parameter. Attackers can send a GET request to /html/user with ft[grp] set to integer value 3 to gain super admin rights without authentication.
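As an added example (not part of the advisory or of the vendor's code), the following Python scans web server access logs for the request described above: a GET to /html/user that carries the ft[grp] parameter, in either raw or percent-encoded form. It assumes Apache/nginx "combined" log format and that the parameter travels in the query string; the function name and the sample log lines are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Assumption: Apache/nginx "combined" access-log format.
REQUEST_RE = re.compile(
    r'^(?P<client>\S+) .*?"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})'
)
TARGET_PATH = "/html/user"   # endpoint named in the advisory
PARAM = "ft[grp]"            # parameter named in the advisory
SUPER_ADMIN_GROUP = 3        # group value named in the advisory

def find_group_tampering(lines):
    """Return (client, status, value, severity) for GETs to /html/user that set ft[grp]."""
    findings = []
    for line in lines:
        m = REQUEST_RE.match(line)
        if not m or m["method"] != "GET":
            continue
        try:
            url = urlsplit(m["target"])
        except ValueError:           # malformed request target; skip, do not crash
            continue
        if url.path.rstrip("/") != TARGET_PATH:
            continue
        # parse_qsl percent-decodes names, so ft%5Bgrp%5D and ft[grp] both match.
        for name, value in parse_qsl(url.query, keep_blank_values=True):
            if name != PARAM:
                continue
            try:
                is_admin = int(value.strip()) == SUPER_ADMIN_GROUP
            except ValueError:
                is_admin = False
            severity = "high" if is_admin else "review"
            findings.append((m["client"], int(m["status"]), value, severity))
    return findings

# Constructed sample log lines (documentation IP ranges, not real traffic).
SAMPLE_LOG = [
    '198.51.100.4 - - [10/Oct/2020:13:55:36 +0000] "GET /html/user?ft%5Bgrp%5D=3 HTTP/1.1" 200 512 "-" "-"',
    '198.51.100.4 - - [10/Oct/2020:13:55:40 +0000] "GET /html/user?ft[grp]=3 HTTP/1.1" 302 0 "-" "-"',
    '192.0.2.10 - - [10/Oct/2020:14:01:02 +0000] "GET /html/user?ft%5Bgrp%5D=1 HTTP/1.1" 200 498 "-" "-"',
    '192.0.2.22 - - [10/Oct/2020:14:02:11 +0000] "GET /html/user HTTP/1.1" 200 4096 "-" "-"',
    '192.0.2.22 - - [10/Oct/2020:14:02:15 +0000] "GET /other?ft%5Bgrp%5D=3 HTTP/1.1" 404 0 "-" "-"',
]

if __name__ == "__main__":
    for finding in find_group_tampering(SAMPLE_LOG):
        print(finding)
```

A "high" finding that returned a success status is a reason to audit the group membership of the accounts on that installation.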