Description
GatesAir Flexiva-LX devices on firmware 1.0.13 and 2.0, including models LX100, LX300, LX600, and LX1000, expose sensitive session identifiers (sid) in the publicly accessible log file located at /log/Flexiva%20LX.log. An unauthenticated attacker can retrieve valid session IDs and hijack sessions without providing any credentials. This attack requires the legitimate user (admin) to have previously closed the browser window without logging out.
Published: 2025-11-19
Score: 6.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

No analysis available yet.

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 15 Jan 2026 18:45:00 +0000

Type Values Removed Values Added
First Time appeared Gatesair flexiva Lx100
Gatesair flexiva Lx1000
Gatesair flexiva Lx1000 Firmware
Gatesair flexiva Lx100 Firmware
Gatesair flexiva Lx300
Gatesair flexiva Lx300 Firmware
Gatesair flexiva Lx600
Gatesair flexiva Lx600 Firmware
CPEs cpe:2.3:h:gatesair:flexiva_lx1000:-:*:*:*:*:*:*:*
cpe:2.3:h:gatesair:flexiva_lx100:-:*:*:*:*:*:*:*
cpe:2.3:h:gatesair:flexiva_lx300:-:*:*:*:*:*:*:*
cpe:2.3:h:gatesair:flexiva_lx600:-:*:*:*:*:*:*:*
cpe:2.3:o:gatesair:flexiva_lx1000_firmware:1.0.13:*:*:*:*:*:*:*
cpe:2.3:o:gatesair:flexiva_lx1000_firmware:2.0:*:*:*:*:*:*:*
cpe:2.3:o:gatesair:flexiva_lx100_firmware:1.0.13:*:*:*:*:*:*:*
cpe:2.3:o:gatesair:flexiva_lx100_firmware:2.0:*:*:*:*:*:*:*
cpe:2.3:o:gatesair:flexiva_lx300_firmware:1.0.13:*:*:*:*:*:*:*
cpe:2.3:o:gatesair:flexiva_lx300_firmware:2.0:*:*:*:*:*:*:*
cpe:2.3:o:gatesair:flexiva_lx600_firmware:1.0.13:*:*:*:*:*:*:*
cpe:2.3:o:gatesair:flexiva_lx600_firmware:2.0:*:*:*:*:*:*:*
Vendors & Products Gatesair flexiva Lx100
Gatesair flexiva Lx1000
Gatesair flexiva Lx1000 Firmware
Gatesair flexiva Lx100 Firmware
Gatesair flexiva Lx300
Gatesair flexiva Lx300 Firmware
Gatesair flexiva Lx600
Gatesair flexiva Lx600 Firmware

Fri, 21 Nov 2025 09:30:00 +0000

Type Values Removed Values Added
First Time appeared Gatesair
Gatesair flexiva-lx
Vendors & Products Gatesair
Gatesair flexiva-lx

Thu, 20 Nov 2025 22:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Thu, 20 Nov 2025 21:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-200
Metrics cvssV3_1

{'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N'}

Wed, 19 Nov 2025 19:45:00 +0000

Type Values Removed Values Added
Description GatesAir Flexiva-LX devices on firmware 1.0.13 and 2.0, including models LX100, LX300, LX600, and LX1000, expose sensitive session identifiers (sid) in the publicly accessible log file located at /log/Flexiva%20LX.log. An unauthenticated attacker can retrieve valid session IDs and hijack sessions without providing any credentials. This attack requires the legitimate user (admin) to have previously closed the browser window without logging out.
References

Subscriptions

Gatesair Flexiva-lx Flexiva Lx100 Flexiva Lx1000 Flexiva Lx1000 Firmware Flexiva Lx100 Firmware Flexiva Lx300 Flexiva Lx300 Firmware Flexiva Lx600 Flexiva Lx600 Firmware
cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2025-11-20T21:02:43.797Z

Reserved: 2025-10-27T00:00:00.000Z

Link: CVE-2025-63212

cve-icon Vulnrichment

Updated: 2025-11-20T21:02:34.642Z

cve-icon NVD

Status : Analyzed

Published: 2025-11-19T20:15:53.380

Modified: 2026-01-15T18:31:02.980

Link: CVE-2025-63212

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2025-11-21T09:16:15Z

Weaknesses