← Back

Dma Radius Manager

dma_radius_manager

Vendor: Dmasoftlab • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2021-29012
1Dmasoftlab
1Dma Radius Manager
Jun 17, 2026
Apr 2, 2021
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
DMA Softlab Radius Manager 4.4.0 assigns the same session cookie to every admin session. The cookie is valid when the admin is logged in, but is invalid (temporarily) during times when the admin is logged out. In other w...Show more
DMA Softlab Radius Manager 4.4.0 assigns the same session cookie to every admin session. The cookie is valid when the admin is logged in, but is invalid (temporarily) during times when the admin is logged out. In other words, the cookie is functionally equivalent to a static password, and thus provides permanent access if stolen.Show less
CVE-2021-29011
1Dmasoftlab
1Dma Radius Manager
Jun 17, 2026
Apr 2, 2021
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
DMA Softlab Radius Manager 4.4.0 is affected by Cross Site Scripting (XSS) via the description, name, or address field (under admin.php).