16 matches found
EUVD-2015-5941
Malware in sbrugna...
EUVD-2015-5940
Malware in sbrugna...
The vulnerability of the remote monitoring and management system of Impero Education Pro allows a perpetrator to execute arbitrary commands.
The vulnerability of the remote monitoring and management system of Impero Education Pro is related to the authentication string -1|AUTHENTICATE\x02PASSWORD. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands using encrypted commands...
Impero Education Pro Incorrect Authentication Vulnerability
Impero Education Pro is an education management solution from Impero, Inc. that integrates classroom management, desktop management, and computer monitoring software into one package. A security vulnerability exists in Impero Education Pro versions prior to 5105. As the program performs...
Impero Education Pro is vulnerable
Impero Education Pro is an education management solution from Impero, Inc. that integrates classroom management, desktop management, and computer monitoring software into one package. Impero Education Pro versions prior to 5105 have a security vulnerability. Since the program uses hard-coded CBC...
CVE-2015-5998
Impero Education Pro before 5105 relies on the -1|AUTHENTICATE\x02PASSWORD string for authentication, which allows remote attackers to execute arbitrary programs via an encrypted command...
Hardcoded credentials
Impero Education Pro before 5105 uses a hardcoded CBC key and initialization vector derived from a hash of the Imp3ro string, which makes it easier for remote attackers to obtain plaintext data by sniffing the network for ciphertext data...
CVE-2015-5997
Impero Education Pro before 5105 uses a hardcoded CBC key and initialization vector derived from a hash of the Imp3ro string, which makes it easier for remote attackers to obtain plaintext data by sniffing the network for ciphertext data...
CVE-2015-5997
Impero Education Pro before 5105 uses a hardcoded CBC key and initialization vector derived from a hash of the Imp3ro string, which makes it easier for remote attackers to obtain plaintext data by sniffing the network for ciphertext data...
CVE-2015-5997
Impero Education Pro prior to 5105 is affected by CVE-2015-5997 due to a hard-coded CBC key and an IV derived from the hash of the string Imp3ro. This weak cryptographic setup enables an attacker who can sniff encrypted network traffic to recover plaintext data. The vulnerability affects the encr...
CVE-2015-5998
Impero Education Pro before version 5105 is affected by CVE-2015-5998 due to an authentication weakness that relies on the hardcoded authentication string -1|AUTHENTICATE\x02PASSWORD. This vulnerability allows a remote attacker to execute arbitrary commands on the affected host after bypassing au...
CVE-2015-5998
Impero Education Pro before 5105 relies on the -1|AUTHENTICATE\x02PASSWORD string for authentication, which allows remote attackers to execute arbitrary programs via an encrypted command...
Impero Education Pro classroom management software vulnerable to remote code execution
Overview Impero Software Education Pro classroom management software is vulnerable to remote code execution via improper encryption and authentication mechanisms. Description CWE-321: Use of Hard-coded Cryptographic KeyCWE-329: Not Using a Random IV with CBC Mode - CVE-2015-5997 According to the...
Impero Education Pro Remote Command Execution
/ If you're unsure what Impero is, it's essentially a corporate/educational RAT. Vendor site: https://www.imperosoftware.co.uk/ They recently were in the news about how they implemented "anti-radicalisation" shit or something. They had a booth at BETT back in January. They gave out donuts. Those...
Impero Education Pro - System Remote Command Execution
Impero Education Pro - System Remote Command Execution / If you're unsure what Impero is, it's essentially a corporate/educational RAT. Vendor site: https://www.imperosoftware.co.uk/ They recently were in the news about how they implemented "anti-radicalisation" shit or something. They had a boot...
Impero Education Pro - System Remote Command Execution
/ If you're unsure what Impero is, it's essentially a corporate/educational RAT. Vendor site: https://www.imperosoftware.co.uk/ They recently were in the news about how they implemented "anti-radicalisation" shit or something. They had a booth at BETT back in January. They gave out donuts. Those...