CVE-2020-36914
Cleartext Cookie Disclosure in QiHang Media Web 3.0.9 Enables Credential Theft

Publication date: 2026-01-06

Last updated on: 2026-01-06

Assigner: VulnCheck

Description
QiHang Media Web Digital Signage 3.0.9 contains a sensitive information disclosure vulnerability that allows remote attackers to intercept user authentication credentials through cleartext cookie transmission. Attackers can perform man-in-the-middle attacks to capture and potentially misuse stored authentication credentials transmitted in an insecure manner.
Meta Information
Published: 2026-01-06
Last Modified: 2026-01-06
Generated: 2026-05-07
AI Q&A: 2026-01-06
EPSS Evaluated: 2026-05-05
External references: NVD, EUVD
Affected Vendors & Products
Showing 1 associated CPE
Vendor: shenzhen_xingmeng_qihang_media
Product: qihang_media_web_digital_signage
Version / Range: From 3.0.9.0 (inc)
Exploitability
CWE: CWE-319 (the product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors).
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability in QiHang Media Web Digital Signage version 3.0.9.0 involves the cleartext transmission and storage of user authentication credentials within HTTP cookies. Because the cookies are sent over plain HTTP, without TLS, anyone who can observe the traffic between the browser and the device can read them, which is what a man-in-the-middle (MITM) attack amounts to here. This allows attackers to capture sensitive authentication information such as usernames and passwords, potentially leading to unauthorized access. [1, 2, 3]


How can this vulnerability impact me?

The vulnerability exposes user authentication credentials to remote attackers who can intercept them via man-in-the-middle attacks. Because the cookies carry the credentials themselves rather than a short-lived session token, a captured cookie is as good as the password: it can be replayed or used to log in directly, compromising the confidentiality and integrity of user accounts. Attackers may misuse the captured credentials to bypass security controls and gain access to sensitive information or system functions. [1, 2, 3]


How can this vulnerability be detected on my network or system? Can you suggest some commands?

On the network, look for HTTP (not HTTPS) requests and responses to the QiHang Media Web Digital Signage 3.0.9 host that carry the cookies 'qihang_cookie_key_account' and 'qihang_cookie_key_password', either in a Cookie header (browser to server) or in a Set-Cookie header (server to browser). Any capture tool that shows packet payloads will do. With tcpdump on interface eth0, for example: tcpdump -l -i eth0 -A 'tcp port 80' | grep -i 'cookie' (-l line-buffers the output so grep sees it immediately, and matching 'cookie' case-insensitively catches both Cookie and Set-Cookie). In Wireshark, the display filter http.cookie contains "qihang" or http.set_cookie contains "qihang" isolates the same headers. Capture at a point that actually sees the device's traffic (its own network segment, or a mirror/SPAN port), and adjust the port filter if the web interface is not served on port 80. Seeing the account name and password values in plain text in these headers confirms that the vulnerability is present. [3]
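As an added example (not code from the page or from the vendor), the following script turns the tcpdump check above into something repeatable: it reads the ASCII output of tcpdump -A (or a text export of an HTTP stream), attributes each Cookie or Set-Cookie header to the TCP flow it was seen in, and reports every cookie that carries credentials, including whether a Set-Cookie was missing the Secure and HttpOnly attributes. The two qihang_* cookie names are the ones the advisory reports; the broader name heuristic, the embedded sample capture, and all addresses and values in it are constructed assumptions.

```python
"""Flag credential-bearing cookies seen in cleartext HTTP traffic.

Feed it the output of `tcpdump -l -A 'tcp port 80'` (or a text export of
an HTTP stream from Wireshark). Each Cookie / Set-Cookie header is tied to
the TCP flow of the packet it appeared in and reported if the cookie name
looks like a credential.
"""
import re
import sys

# Cookie names the advisory reports as carrying the account name and password.
KNOWN_CREDENTIAL_COOKIES = {"qihang_cookie_key_account", "qihang_cookie_key_password"}

# Heuristic for other credential-looking cookie names (an assumption, not from the advisory).
CREDENTIAL_NAME_HINT = re.compile(r"pass|pwd|secret|account|login", re.IGNORECASE)

# tcpdump packet summary line, e.g. "12:00:01.000001 IP 10.0.0.5.52210 > 10.0.0.10.80: Flags [P.] ..."
FLOW_RE = re.compile(r"^\S+ IP (\d+(?:\.\d+){3})\.(\d+) > (\d+(?:\.\d+){3})\.(\d+):")
HEADER_RE = re.compile(r"^(Cookie|Set-Cookie):\s*(.*)$", re.IGNORECASE)


def parse_cookie_header(header, value):
    """Yield (name, value, attributes) for each cookie in a Cookie or Set-Cookie header.

    A Cookie header carries several name=value pairs and no attributes; a
    Set-Cookie header carries one cookie followed by attributes such as
    Path, Secure or HttpOnly.
    """
    parts = [p.strip() for p in value.split(";") if p.strip()]
    if not parts:
        return
    if header.lower() == "cookie":
        for part in parts:
            if "=" in part:
                name, val = part.split("=", 1)
                yield name.strip(), val.strip(), frozenset()
    else:
        if "=" not in parts[0]:
            return
        name, val = parts[0].split("=", 1)
        attrs = frozenset(p.split("=", 1)[0].strip().lower() for p in parts[1:])
        yield name.strip(), val.strip(), attrs


def is_credential_cookie(name):
    return name in KNOWN_CREDENTIAL_COOKIES or bool(CREDENTIAL_NAME_HINT.search(name))


def find_cleartext_credential_cookies(capture_text):
    """Return one finding dict per credential cookie seen in the capture text."""
    findings = []
    flow = None  # (src, sport, dst, dport) of the packet currently being read
    for raw in capture_text.splitlines():
        line = raw.strip()
        m = FLOW_RE.match(line)
        if m:
            flow = (m.group(1), int(m.group(2)), m.group(3), int(m.group(4)))
            continue
        m = HEADER_RE.match(line)
        if not m:
            continue
        header, value = m.group(1), m.group(2)
        for name, val, attrs in parse_cookie_header(header, value):
            if not is_credential_cookie(name):
                continue
            findings.append({
                "header": "Set-Cookie" if header.lower() == "set-cookie" else "Cookie",
                "cookie": name,
                "value": val,
                "known": name in KNOWN_CREDENTIAL_COOKIES,
                "secure": "secure" in attrs,
                "httponly": "httponly" in attrs,
                "src": flow[0] if flow else None,
                "src_port": flow[1] if flow else None,
                "dst": flow[2] if flow else None,
                "dst_port": flow[3] if flow else None,
            })
    return findings


def describe(finding):
    """One-line report for a finding."""
    where = ""
    if finding["src"]:
        where = f" ({finding['src']}:{finding['src_port']} -> {finding['dst']}:{finding['dst_port']})"
    flags = ""
    if finding["header"] == "Set-Cookie":
        flags = f" Secure={finding['secure']} HttpOnly={finding['httponly']}"
    return f"{finding['header']}{where}: {finding['cookie']}={finding['value']}{flags}"


# Constructed sample of `tcpdump -A` output; addresses, paths and values are made up.
SAMPLE_CAPTURE = """\
12:00:01.000001 IP 192.168.1.50.52210 > 192.168.1.10.80: Flags [P.], seq 1:200, ack 1, win 502, length 199: HTTP: GET / HTTP/1.1
E.....@.@...
GET / HTTP/1.1
Host: 192.168.1.10
Cookie: sessionid=abc123; qihang_cookie_key_account=admin; qihang_cookie_key_password=Passw0rd!
Connection: keep-alive

12:00:01.000500 IP 192.168.1.10.80 > 192.168.1.50.52210: Flags [P.], seq 1:180, ack 200, win 501, length 179: HTTP: HTTP/1.1 200 OK
E.....@.@...
HTTP/1.1 200 OK
Set-Cookie: qihang_cookie_key_account=admin; path=/
Set-Cookie: qihang_cookie_key_password=Passw0rd!; path=/
Content-Type: text/html

"""

if __name__ == "__main__":
    # Usage: tcpdump -l -i eth0 -A 'tcp port 80' | python3 find_cleartext_cookies.py
    text = SAMPLE_CAPTURE if sys.stdin.isatty() else sys.stdin.read()
    for finding in find_cleartext_credential_cookies(text):
        print(describe(finding))
```

Run without input and it walks the embedded sample, reporting the two qihang cookies twice: once in the browser's Cookie header and once in the server's Set-Cookie headers, which also lack Secure and HttpOnly. The flow attribution matters in practice: a Cookie finding whose destination port is 80 is the browser leaking the credentials, while a Set-Cookie finding from port 80 is the device handing them out in the first place.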


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps include restricting network access to the affected QiHang Media Web Digital Signage system to trusted, segregated networks so that an attacker cannot get into the traffic path, as the vulnerability requires adjacent network access. Do not reach the web interface over plain HTTP: if the product itself cannot serve HTTPS, place a TLS-terminating reverse proxy in front of it, block direct access to its HTTP port, and have the proxy add the Secure and HttpOnly attributes to the Set-Cookie headers it relays so the browser will not send the cookies over an unencrypted connection. This protects the cookies in transit only; the credentials are still stored in the cookie on the client. Since the vendor did not respond to disclosures, consider isolating the affected system until a patch or secure version is available. Monitoring and alerting on suspicious network activity related to cookie interception is also recommended. [1, 2]

