CVE-2024-33470

2024-05-2415:15:23

[email protected]

web.nvd.nist.gov

cve-2024-33470

smtp email settings

avtech room alert 4e v4.4.0

plaintext credential access

passback attack

unsupported products

7 High

AI Score

Confidence

Low

0 Low

EPSS

Percentile

0.0%

JSON

An issue in the SMTP Email Settings of AVTECH Room Alert 4E v4.4.0 allows attackers to gain access to credentials in plaintext via a passback attack. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

References

avtech.com/articles/27443/security-advisory-smtp-password-disclosure-in-dom/