CVE-2025-53757
Description
This vulnerability exists in Digisol DG-GR6821AC Router due to misconfiguration of both Secure and HttpOnly flags on session cookies associated with the router web interface. A remote attacker could exploit this vulnerability by capturing the session cookies transmitted over an unsecure HTTP connection. Successful exploitation of this vulnerability could allow the attacker to obtain sensitive information from the targeted device.
Weakness Type (CWE)
References
Frequently Asked Questions
What is CVE-2025-53757? +
How do I check if I'm vulnerable to CVE-2025-53757? +
Related Vulnerabilities
This vulnerability exists in the CP Plus Router due to insecure handling of cookie flags used within its web interface. …
Default configurations of Apache Shiro send sensitive cookies in HTTPS session without 'Secure' attribute. This issue affects Apache Shiro from …
Setting a nameless cookie with an equals sign in the value shadowed other cookies. Even if the nameless cookie was …
Misskey is an open source, federated social media platform. Starting in version 12.109.0 and prior to version 2025.2.0-alpha.0, due to …
Session Hijacking vulnerability in Hitachi Ops Center Analyzer.This issue affects Hitachi Ops Center Analyzer: from 10.0.0-00 before 11.0.1-00.
In phpipam/phpipam version 1.5.1, the Secure attribute for sensitive cookies in HTTPS sessions is not set. This could cause the …