CVE-2020-36917
Cleartext Cookie Disclosure in iDS6 DSSPro Enables Credential Theft
Publication date: 2026-01-06
Last updated on: 2026-01-06
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| guangzhou_yeroo_tech_co_ltd | ids6_dsspro_digital_signage_system | From 4.3 (inc) to 6.2 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-319 | The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
The vulnerability in iDS6 DSSPro Digital Signage System version 6.2 involves the cleartext transmission and storage of user authentication credentials within HTTP cookies when the autoSave ("Remember") feature is enabled. Specifically, usernames and passwords are stored in cookies without encryption, allowing remote attackers to intercept these credentials through man-in-the-middle (MITM) attacks on unencrypted HTTP communications. [1, 3, 4]
How can this vulnerability impact me? :
This vulnerability can lead to the exposure of sensitive user authentication credentials, including usernames and passwords, to remote attackers. By intercepting these credentials via MITM attacks on HTTP traffic, attackers can gain unauthorized access to user accounts, including administrative accounts, potentially compromising the entire digital signage system and its data. [1, 3, 4]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring HTTP traffic for cleartext cookies that contain authentication credentials, especially when the autoSave (Remember) feature is enabled. Look for cookies named cookie.username, cookie.password, cookie.admin.username, and cookie.admin.password transmitted over unencrypted HTTP sessions. Network packet capture tools like Wireshark or tcpdump can be used to inspect HTTP requests and responses for these cookies. For example, using tcpdump to capture HTTP traffic on port 80: tcpdump -A -s 0 'tcp port 80' | grep -i 'cookie'. Additionally, inspecting web server logs or using browser developer tools to check if credentials are stored or transmitted in cookies in plaintext can help detect the issue. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include disabling the autoSave (Remember) feature to prevent credentials from being stored in cookies, enforcing the use of HTTPS to encrypt all communications and prevent interception of cookies, and updating or patching the iDS6 DSSPro Digital Signage System to a version that addresses this vulnerability if available. Additionally, avoid using HTTP for accessing the system and consider implementing network-level protections such as VPNs or secure tunnels to protect traffic from man-in-the-middle attacks. [1, 4]
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The vulnerability exposes user authentication credentials in cleartext cookies transmitted over HTTP, allowing attackers to intercept sensitive information via man-in-the-middle attacks. This exposure of sensitive personal data could lead to non-compliance with data protection regulations such as GDPR and HIPAA, which require the protection of personal and sensitive information during transmission. Therefore, the vulnerability poses a significant risk to compliance with these standards by failing to adequately protect user credentials and sensitive data. [1, 3, 4]