2 matches found
CVE-2021-40846
An issue was discovered in Rhinode Trading Paints through 2.0.36. TP Updater.exe uses cleartext HTTP to check, and request, updates. Thus, attackers can man-in-the-middle a victim to download a malicious binary in place of the real update, with no SSL errors or warnings...
CVE-2021-40846
CVE-2021-40846 affects Rhinode Trading Paints up to version 2.0.36, where TP Updater.exe checks for and requests updates over cleartext HTTP. This enables a man-in-the-middle to substitute a malicious binary for the legitimate update without SSL warnings. The connected sources corroborate the sam...