5 matches found
CVE-2024-0676
Weak password requirement vulnerability in Lamassu Bitcoin ATM Douro machines, in its 7.1 version , which allows a local user to interact with the machine where the application is installed, retrieve stored hashes from the machine and crack long 4-character passwords using a dictionary attack...
CVE-2024-0674
Privilege escalation vulnerability in Lamassu Bitcoin ATM Douro machines, in its 7.1 version, which could allow a local user to acquire root permissions by modifying the updatescript.js, inserting special code inside the script and creating the done.txt file. This would cause the watchdog process...
Lamassu Bitcoin ATM Douro Security Breach
Lamassu Bitcoin ATM Douro is a Bitcoin ATM from Lamassu. A security vulnerability exists in the Lamassu Bitcoin ATM Douro version 7.1 that stems from allowing the use of weak passwords. An attacker could exploit the vulnerability to retrieve stored hashes from the machine and crack passwords up t...
PT-2024-15739 · Lamassu · Lamassu Bitcoin Atm Douro
Name of the Vulnerable Software and Affected Versions: Lamassu Bitcoin ATM Douro version 7.1 Description: The issue is related to improper checking for unusual or exceptional conditions in the Lamassu Bitcoin ATM Douro machines. This could allow an attacker with physical access to the ATM to esca...
Lamassu Bitcoin ATM Douro Code Issue Vulnerability
Lamassu Bitcoin ATM Douro is a Bitcoin ATM from Lamassu. A code issue vulnerability exists in Lamassu Bitcoin ATM Douro version 7.1, which stems from improper checking of exceptions or special cases. An attacker could use this vulnerability to escape kiosk mode, access the underlying Xwindow...