11 matches found
CVE-2025-54548
On affected platforms, restricted users could view sensitive portions of the config database via a debug API e.g., user password hashes...
EUVD-2025-36725
On affected platforms, restricted users could view sensitive portions of the config database via a debug API e.g., user password hashes...
CVE-2025-54548
On affected platforms, restricted users could view sensitive portions of the config database via a debug API e.g., user password hashes...
CVE-2025-54548 On affected platforms, restricted users could view sensitive portions of the config database via a debug API (e.g., user password hashes)
On affected platforms, restricted users could view sensitive portions of the config database via a debug API e.g., user password hashes...
CVE-2025-54548 On affected platforms, restricted users could view sensitive portions of the config database via a debug API (e.g., user password hashes)
On affected platforms, restricted users could view sensitive portions of the config database via a debug API e.g., user password hashes...
PT-2025-44363
Name of the Vulnerable Software and Affected Versions versions prior to 2025-54548 Description Restricted users could view sensitive portions of the config database via a debug API. Specifically, user password hashes were exposed. The API endpoint used for this exposure is a debug API...
CVE-2023-27532
Vulnerability in Veeam Backup & Replication component allows encrypted credentials stored in the configuration database to be obtained. This may lead to gaining access to the backup infrastructure hosts...
Apache OpenOffice < 4.1.13 Multiple Vulnerabilities
The version of Apache OpenOffice installed on the remote host is a version prior to 4.1.13. It is, therefore, affected by multiple vulnerabilities: - Apache OpenOffice supports the storage of passwords for web connections in the user's configuration database. The stored passwords are encrypted wi...
CVE-2022-37400
Apache OpenOffice supports the storage of passwords for web connections in the user's configuration database. The stored passwords are encrypted with a single master key provided by the user. A flaw in OpenOffice existed where the required initialization vector for encryption was always the same...
CVE-2021-32453
SITEL CAP/PRX firmware version 5.2.01 allows an attacker with access to the local network, to access via HTTP to the internal configuration database of the device without any authentication. An attacker could exploit this vulnerability in order to obtain information about the deviceĀ“s configurati...
Ubiquiti Configuration Importer
This module imports an Ubiquiti device configuration. The db file within the .unf backup is the data file for Unifi. This module can take either the db file or .unf. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework...