Lan ATM Service Expose a critical vulnerability could allow an attacker to control over the system

In Lan ATMService M3 ATM Monitoring System 6.1.0, due to Inadequate Session Expiration, a remote attacker capable of using a default cookie value, such as PHPSESSID=LANIT-IMANAGER, will gain control over the system- CVE-2020-29667

Image source: semanticscholar

References: