Lucene search
+L

5 matches found

NVD
NVD
added 2025/10/21 12:15 p.m.15 views

CVE-2025-10639

The WorkExaminer Professional server installation comes with an FTP server that is used to receive the client logs on TCP port 12304. An attacker with network access to this port can use weak hardcoded credentials to login to the FTP server and modify or read data, log files and gain remote code...

8.8CVSS0.00899EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/10/21 11:36 a.m.6 views

CVE-2025-10639 Usage of Hardcoded FTP Credentials EfficientLab WorkExaminer Professional

The WorkExaminer Professional server installation comes with an FTP server that is used to receive the client logs on TCP port 12304. An attacker with network access to this port can use weak hardcoded credentials to login to the FTP server and modify or read data, log files and gain remote code...

7.8AI score0.00899EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/10/21 12:0 a.m.11 views

Work Examiner Professional 安全漏洞

Work Examiner Professional is an employee computer monitoring software from Work Examiner USA. A security vulnerability exists in Work Examiner Professional that stems from the use of weakly hard-coded credentials by the FTP server, which could lead to data modification or reading and remote code...

8.8CVSS9.7AI score0.00899EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/10/21 12:0 a.m.7 views

Work Examiner Professional 安全漏洞

Work Examiner Professional is an employee computer monitoring software from Work Examiner USA. A security vulnerability exists in Work Examiner Professional that stems from a lack of authentication checks on the server side, which could allow an unauthenticated attacker to bypass the login prompt...

9.8CVSS9.5AI score0.00876EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/10/21 12:0 a.m.5 views

Work Examiner Professional 安全漏洞

Work Examiner Professional is an employee computer monitoring software from Work Examiner USA. A security vulnerability exists in Work Examiner Professional that originates when traffic between the monitoring client, console, and server is transmitted in clear text, which could allow an attacker ...

7.1CVSS9.1AI score0.00304EPSS
Exploits0References1
Rows per page
Query Builder