Lucene search
K
PacketstormRecent

50738 matches found

Packet Storm
Packet Storm
added 2024/03/04 12:0 a.m.230 views

Wallos Shell Upload

Exploit Title: Wallos - File Upload RCE Authenticated Date: 2024-03-04 Exploit Author: [email protected] Vendor Homepage: https://github.com/ellite/Wallos Software Link: https://github.com/ellite/Wallos Version: 1.11.2 Tested on: Debian 12 Wallos allows you to upload an image/logo when you create...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/03/04 12:0 a.m.282 views

Petrol Pump Management Software 1.0 SQL Injection

Exploit Title: SQL Injection vulnerability in Petrol Pump Management Software v.1.0. Date: 01-03-2024 Exploit Author: Shubham Pandey Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/17180/petrol-pump-management-software-free-download.html Version:...

7.4AI score0.12946EPSS
Exploits4
Packet Storm
Packet Storm
added 2024/03/04 12:0 a.m.253 views

Enrollment System 1.0 SQL Injection

Exploit Title: Enrollment System v1.0 - SQL Injection Date: 27 December 2023 Exploit Author: Gnanaraj Mauviel @0xm3m Vendor: Obi08 Vendor Homepage: https://github.com/Obi08/EnrollmentSystem Software Link: https://github.com/Obi08/EnrollmentSystem Version: v1.0 Tested on: Mac OSX, XAMPP, Apache,...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/03/04 12:0 a.m.314 views

TP-Link JetStream Smart Switch TL-SG2210P 5.0 Build 20211201 Privilege Escalation

Credits: Shahnawaz Shaikh, Security Researcher at Cybergate Defense LLC + twitter.com/striv3r Vendor Tp-Link http://tp-link.com Product JetStream Smart Switch - TL-SG2210P v5.0 Build 20211201 Vulnerability Type Improper Access Control Affected Product Code Base JetStream Smart Switch - TL-SG2210P...

7.4AI score0.01137EPSS
Exploits2
Packet Storm
Packet Storm
added 2024/03/04 12:0 a.m.249 views

Real Estate Management System 1.0 Shell Upload

Exploit Title: Real Estate Management System v1.0 - Remote Code Execution via File Upload Date: 2/11/2024 Exploit Author: Diyar Saadi Vendor Homepage: https://codeastro.com Version: V1.0 Tested on: Windows 11 + XAMPP 8.0.30 + Burp Suite Professional v2023.12.1.3 Description This Vulnerability all...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/03/04 12:0 a.m.190 views

AC Repair And Services System 1.0 SQL Injection

Exploit Title: AC Repair and Services System v1.0 - Multiple SQL Injection Date: 27 December 2023 Exploit Author: Gnanaraj Mauviel @0xm3m Vendor: oretnom23 Vendor Homepage: https://www.sourcecodester.com/php/16513/ac-repair-and-services-system-using-php-and-mysql-source-code-free-download.html...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/03/04 12:0 a.m.249 views

Multilaser RE160V Header Manipulation Access Bypass

[email protected] Status: RO Content-Length: 5433 Lines: 153 =====Tempest Security Intelligence - Security Advisory - CVE-2023-38944======= Access Control Bypass in Multilaser routers' Web Management Interface Author: Vinicius Moraes =====Table of...

7.4AI score0.15528EPSS
Exploits3
Packet Storm
Packet Storm
added 2024/03/04 12:0 a.m.317 views

BoidCMS 2.0.1 Cross Site Scripting

Exploit Title: Multiple XSS Issues in boidcmsv2.0.1 Date: 3/2024 Exploit Author: Andrey Stoykov Version: 2.0.1 Tested on: Ubuntu 22.04 Blog: http://msecureltd.blogspot.com XSS via SVG File Upload Steps to Reproduce: 1. Login with admin user 2. Visit "Media" page 3. Upload xss.svg 4. Click "View"...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/03/01 12:0 a.m.322 views

Membership Management System 1.0 SQL Injection

Title: Membership Management System - SQL injection - Application: Hospital Management System - Date: 01.03.2024 - Bugs: SQL injection - Exploit Author: SoSPiro - Vendor Homepage: https://codeastro.com/author/nbadmin/ - Software Link:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/03/01 12:0 a.m.568 views

BoidCMS 2.0.0 Command Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'BoidCMS Command Injection', 'Description' = %q This module leverages CVE-2023-38836, an improper sanitization bug in BoidCMS version 2.0.0 and...

8.8CVSS7.4AI score0.73027EPSS
Exploits8
Packet Storm
Packet Storm
added 2024/02/29 12:0 a.m.323 views

Backdoor.Win32.Jeemp.c MVID-2024-0672 Hardcoded Credential

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2024 Original source: https://malvuln.com/advisory/d6b192a4027c7d635499133ca6ce067f.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Jeemp.c Vulnerability: Cleartext Hardcoded Credentials Description: The...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/02/29 12:0 a.m.355 views

Backdoor.Win32.Agent.amt MVID-2024-0673 Authentication Bypass / Code Execution

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2024 Original source: https://malvuln.com/advisory/2a442d3da88f721a786ff33179c664b7.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Agent.amt Vulnerability: Authentication Bypass Description: The malware can...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/02/29 12:0 a.m.336 views

WordPress IDonate Blood Request Management System 1.8.1 Cross Site Scripting

Exploit Title: IDonate – blood request management system XSS in Recaptcha secret key and in Recaptcha Site key 3- Click on save changes. 4- While clicking on the payload text, XSS will trigger. Vulnerable Code: public function idonaterecaptchasecretkeycallback if isset...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/02/28 12:0 a.m.359 views

WordPress Admin Bar And Dashboard Access Control 1.28 XSS

Exploit Title: WordPress Plugin Admin Bar & Dashboard Access Control Version: 1.2.8 - "Dashboard Redirect" field Stored Cross-Site Scripting XSS Google Dork: NA Date: 28/10/2023 Exploit Author: Rachit Arora Vendor Homepage: Software Link: https://wordpress.org/plugins/admin-bar-dashboard-control/...

4.8CVSS7.4AI score0.00357EPSS
Exploits2
Packet Storm
Packet Storm
added 2024/02/28 12:0 a.m.318 views

Saflok System 6000 Key Derivation

// Exploit Title: Saflok KDF // Date: 2023-10-29 // Exploit Author: a51199deefa2c2520cea24f746d899ce // Vendor Homepage: https://www.dormakaba.com/ // Version: System 6000 // Tested on: Dormakaba Saflok cards // CVE: N/A include include define MAGICTABLESIZE 192 define KEYLENGTH 6 define UIDLENGT...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/02/28 12:0 a.m.400 views

Blood Bank 1.0 SQL Injection

Exploit Title: Blood Bank v1.0 SQL Injection Vulnerability Date: 2023-11-14 Exploit Author: Ersin Erenler Vendor Homepage: https://code-projects.org/blood-bank-in-php-with-source-code Software Link: https://download-media.code-projects.org/2020/11/BloodBankInPHPWithSourcecode.zip Version: 1.0...

5.5CVSS7.4AI score0.00394EPSS
Exploits9
Packet Storm
Packet Storm
added 2024/02/28 12:0 a.m.300 views

WordPress WP Fastest Cache 1.2.2 SQL Injection

Exploit Title: Unauthenticated SQL Injection in WP Fastest Cache 1.2.2 Date: 14.11.2023 Exploit Author: Meryem Taşkın Vendor Homepage: https://www.wpfastestcache.com/ Software Link: https://wordpress.org/plugins/wp-fastest-cache/ Version: WP Fastest Cache 1.2.2 Tested on: WP Fastest Cache 1.2.2...

7.5CVSS7.4AI score0.73708EPSS
Exploits11
Packet Storm
Packet Storm
added 2024/02/27 12:0 a.m.251 views

Automatic-Systems SOC FL9600 FastLine Hardcoded Credentials

Exploit Title: Automatic-Systems SOC FL9600 FastLine - The device contains hardcoded login and password for super admin Google Dork: Date: 12/9/2023 Exploit Author: Mike Jankowski-Lorek, Marcin Kozlowski / Cqure Vendor Homepage: http://automatic-systems.com Software Link: Version: V06 Tested on:...

7.5CVSS7.4AI score0.00892EPSS
Exploits4
Packet Storm
Packet Storm
added 2024/02/27 12:0 a.m.216 views

Moodle 4.3 Insecure Direct Object Reference

Exploit Title: Moodle 4.3 'id' Insecure Direct Object Reference IDOR Date: 20/10/2023 Exploit Author: tmrswrr Vendor Homepage: https://moodle.org/ Software Demo: https://school.moodledemo.net/ Version: 4.3+ Tested on: Linux Vulnerability Details ====================== Steps : 1. Log in to the...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/02/27 12:0 a.m.257 views

perl2exe 30.10C Arbitrary Code Execution

Exploit Title: Executables Created with perl2exe safe.pl user@testing:/example$ ./perl2exe-Linux-x64-5.30.1/perl2exe safe.pl Perl2Exe V30.10C 2020-12-11 Copyright c 1997-2020 IndigoSTAR Software ... Generating safe user@testing:/example$ user@testing:/example$ Check that the program executes as...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/02/27 12:0 a.m.281 views

SuperStoreFinder 3.7 XSS / CSRF / Command Execution

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ .:. Exploit Title SuperStoreFinder - Multiple Vulnerabilities .:. Google Dorks .:. "designed and built by Joe Iz." "Super Store Finder is designed and built by Joe Iz from Highwarden Huntsman." inurl:/superstorefinder/index.php ....

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/02/27 12:0 a.m.218 views

Hospital Management System 1.0 Insecure Direct Object Reference / Account Takeover

Exploit Title: Hospital Management System - IDOR + Accaunt Takeover Google Dork: N/A Application: Hospital Management System Date: 27.02.2024 Bugs: IDOR + Accaunt Takeover Exploit Author: SoSPiro Vendor Homepage: https://www.sourcecodester.com/ Software Link:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/02/27 12:0 a.m.218 views

Automatic-Systems SOC FL9600 FastLine Directory Traversal

Exploit Title: Automatic-Systems SOC FL9600 FastLine - Directory Transversal Google Dork: Date: 12/9/2023 Exploit Author: Mike Jankowski-Lorek, Marcin Kozlowski / Cqure Vendor Homepage: http://automatic-systems.com Software Link: Version: V06 Tested on: V06, VersionSVN =...

7.5CVSS7.4AI score0.0147EPSS
Exploits4
Packet Storm
Packet Storm
added 2024/02/27 12:0 a.m.321 views

Hospital Management System 1.0 Cross Site Scripting

Exploit Title: Hospital Management System - Stord XSS Google Dork: N/A Application: Hospital Management System Date: 27.02.2024 Bugs: Stord XSS Exploit Author: SoSPiro Vendor Homepage: https://www.sourcecodester.com/ Software Link:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/02/27 12:0 a.m.408 views

WordPress Comments Like Dislike 1.2.0 Missing Authorization

Exploit Title: POC-CVE-2023-3244 Date: 9/12/2023 Exploit Author: Diaa Hanna Software Link: download link if available Version: = 1.2.0 comments-like-dislike Tested on: 1.1.6 comments-like-dislike CVE : CVE-2023-3244 References https://nvd.nist.gov/vuln/detail/CVE-2023-3244 The Comments Like Disli...

5.3CVSS7.4AI score0.00787EPSS
Exploits4
Packet Storm
Packet Storm
added 2024/02/27 12:0 a.m.323 views

WordPress Canto Remote Shell Upload

Exploit Title: Wordpress Plugin Canto " def createadminfilelocaldir, localshell=None: if not os.path.exis...

9.8CVSS7.4AI score0.0562EPSS
Exploits7
Packet Storm
Packet Storm
added 2024/02/27 12:0 a.m.353 views

Hospital Management System 1.0 SQL Injection

Exploit Title: Hospital Management System - SQL Injection Google Dork: N/A Application: Hospital Management System Date: 26.02.2024 Bugs: SQL Injection Exploit Author: SoSPiro Vendor Homepage: https://www.sourcecodester.com/ Software Link:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/02/27 12:0 a.m.282 views

Atlassian Confluence Data Center And Server Authentication Bypass

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Atlassian Confluence Data Center and Server Authentication Bypass via Broken Access Control', 'Description' = %q This module exploits a broken...

10CVSS7.4AI score0.99156EPSS
Exploits39
Packet Storm
Packet Storm
added 2024/02/26 12:0 a.m.250 views

Simple Inventory Management System 1.0 SQL Injection

Exploit Title: Simple Inventory Management System - SQL Injection Google Dork: N/A Application: Simple Inventory Management System Date: 26.02.2024 Bugs: SQL Injection Exploit Author: SoSPiro Vendor Homepage: https://www.sourcecodester.com/ Software Link:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/02/26 12:0 a.m.246 views

Backdoor.Win32.AutoSpy.10 MVID-2024-0671 Remote Command Execution

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2024 Original source: https://malvuln.com/advisory/b012704cad2bae6edbd23135394b9127.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.AutoSpy.10 Vulnerability: Unauthenticated Remote Command Execution...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/02/26 12:0 a.m.204 views

FAQ Management System 1.0 SQL Injection

Exploit Title: FAQ Management System - SQL Injection Google Dork: N/A Application: FAQ Management System Date: 25.02.2024 Bugs: SQL Injection Exploit Author: SoSPiro Vendor Homepage: https://www.sourcecodester.com/ Software Link:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/02/26 12:0 a.m.233 views

Flashcard Quiz App 1.0 SQL Injection

Exploit Title: Flashcard Quiz App - SQL Injection Google Dork: N/A Application: Flashcard Quiz App Date: 25.02.2024 Bugs: SQL Injection Exploit Author: SoSPiro Vendor Homepage: https://www.sourcecodester.com/ Software Link:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/02/24 12:0 a.m.263 views

Tosibox Key Service 3.3.0 Local Privilege Escalation / Unquoted Service Path

Tosibox Key Service 3.3.0 Local Privilege Escalation Vendor: Tosibox Oy Product web page: https://www.tosibox.com Affected version: sc qc "Tosibox Key Service" SC QueryServiceConfig SUCCESS SERVICENAME: Tosibox Key Service TYPE : 110 WIN32OWNPROCESS interactive STARTTYPE : 2...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/02/24 12:0 a.m.350 views

Backdoor.Win32.Armageddon.r MVID-2024-0670 Hardcoded Credential

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2024 Original source: https://malvuln.com/advisory/68d135936512e88cc0704b90bb3839e0.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Armageddon.r Vulnerability: Hardcoded Cleartext Credentials Description: Th...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/02/24 12:0 a.m.264 views

SuperCali 1.1.0 Cross Site Scripting

Exploit Title: SuperCali Version : 1.1.0 - Reflected XSS Date: 2024-23-02 Exploit Author: tmrswrr Vendor Homepage: https://supercali.inforest.com Version : 1.1.0 Tested on: https://softaculous.com/demos/supercali 1 Go to admin login url : https://127.0.0.1/SuperCali/login.php 2 Write your payload...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/02/24 12:0 a.m.697 views

ConnectWise ScreenConnect 23.9.7 Unauthenticated Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ConnectWise ScreenConnect Unauthenticated Remote Code Execution', 'Description' = %q This module exploits an authentication bypass vulnerability...

10CVSS7AI score0.99959EPSS
Exploits9
Packet Storm
Packet Storm
added 2024/02/22 12:0 a.m.323 views

SitePad 1.8.2 Cross Site Scripting

Exploit Title: SitePad Version : 1.8.2 - Stored XSS Date: 2024-21-02 Exploit Author: tmrswrr Vendor Homepage: https://sitepad.com/ Version : 1.8.2 Tested on: https://www.softaculous.com/apps/blogs/SitePad 1 Go to Templates Header Edit Pagelayer Template 2 Write in Name : " 3 After save and refres...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/02/22 12:0 a.m.327 views

CMS Made Simple 2.2.19 Cross Site Scripting

Exploit Title: CMS Made Simple Version: 2.2.19 - Stored XSS Date: 2024-21-02 Exploit Author: tmrswrr Vendor Homepage: https://www.cmsmadesimple.org/ Version: 2.2.19 Tested on: https://www.softaculous.com/demos/CMSMadeSimple 1 log in as admin and go to Content File Manager 2 Write in New directory...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/02/22 12:0 a.m.421 views

CMS Made Simple 2.2.19 Remote Code Execution

Exploit Title: CMS Made Simple Version: 2.2.19 - Remote Code Execution Date: 2024-21-02 Exploit Author: tmrswrr Vendor Homepage: https://www.cmsmadesimple.org/ Version: 2.2.19 Tested on: https://www.softaculous.com/demos/CMSMadeSimple 1 log in as admin and go to Extensions User Defined Tags 2 Wri...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/02/22 12:0 a.m.295 views

Dotclear 2.29 Cross Site Scripting

Exploit Title: Dotclear Version : 2.29 - Reflected XSS Date: 2024-21-02 Exploit Author: tmrswrr Vendor Homepage: https://dotclear.org/ Version : 2.29 Tested on: https://softaculous.com/demos/dotclear 1 Enter admin panel after write search button this payload : " 2...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/02/22 12:0 a.m.401 views

CMS Made Simple 2.2.19 Server-Side Template Injection

Exploit Title: CMS Made Simple Version: 2.2.19 - SSTI Date: 2024-21-02 Exploit Author: tmrswrr Vendor Homepage: https://www.cmsmadesimple.org/ Version: 2.2.19 Tested on: https://www.softaculous.com/demos/CMSMadeSimple 1 log in as admin and go to Layout Design Manager Breadcrumbs 2 Click edit and...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/02/22 12:0 a.m.415 views

FreeIPA 4.10.1 Denial Of Service / Information Disclosure

Summary: Specially crafted HTTP requests can read files in the DC server. And use keytab files for authorization for different kerberos principals. Tested FreeIPA version: ipa-server-4.10.1 Details The "user" parameter in the HTTP URI "/sip/session/loginpassword" is inserted into the "run" functi...

7.4AI score0.0111EPSS
Exploits1
Packet Storm
Packet Storm
added 2024/02/22 12:0 a.m.590 views

QNAP QTS / QuTS Hero Unauthenticated Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'QNAP QTS and QuTS Hero Unauthenticated Remote Code Execution in quick.cgi', 'Description' = %q There exists an unauthenticated command injection...

5.8CVSS7.4AI score0.89157EPSS
Exploits4
Packet Storm
Packet Storm
added 2024/02/21 12:0 a.m.362 views

WEBIGniter 28.7.23 Cross Site Scripting

Exploit Title: WEBIGniter v28.7.23 Stored Cross Site Scripting XSS Exploit Author: Sagar Banwa Date: 19/10/2023 Vendor: https://webigniter.net/ Software: https://webigniter.net/demo Reference: https://portswigger.net/web-security/cross-site-scripting Tested on: Windows 10/Kali Linux CVE :...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/02/21 12:0 a.m.352 views

Fuelflow 1.0 SQL Injection

Title: fuelflow-1.0-Copyright-©-2024-Project-Develop-by-Mayuri-K-Multiple-SQLi Author: nu11secur1ty Date: 02/21/24 Vendor: https://www.mayurik.com/ Software: https://www.mayurik.com/source-code/P3584/best-petrol-pump-management-software Reference: https://portswigger.net/web-security/sql-injectio...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/02/21 12:0 a.m.311 views

OpenOLAT 18.1.5 Cross Site Scripting / Privilege Escalation

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple Stored Cross-Site Scripting Vulnerabilities product: OpenOLAT Frentix GmbH vulnerable version: = 18.1.4 and = 18.1.5 fixed version: 18.1.6 / 18.2 CVE number:...

7.4AI score0.00561EPSS
Exploits4
Packet Storm
Packet Storm
added 2024/02/21 12:0 a.m.371 views

ITFlow Cross Site Request Forgery

CVE: CVE-2024-25344 CWE: CWE-352 Vendor: ITFlow.org Affected product: ITFlow - Before commit 432488eca3998c5be6b6b9e8f8ba01f54bc12378 Discoverer: stehled, WP-Pomoc.cz Attack-Type: Remote AV: Admin user has to open a page, provided by an attacker, which will then perform malicious request changing...

7.4AI score0.00741EPSS
Exploits2
Packet Storm
Packet Storm
added 2024/02/21 12:0 a.m.509 views

WordPress 6.4.3 Username Disclosure

Title: wordpress 6.4.3 - Username Disclosure Author: h4shur date:2024-02-21 Vendor Homepage: https://www.wordpress.org Software Link: https://www.wordpress.org/download Version: 6.4.3 and earlier Tested on: Windows 10 & Google Chrome Category : Web Application Bugs Description : the REST API allo...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/02/21 12:0 a.m.773 views

Ivanti Connect Secure Unauthenticated Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Ivanti Connect Secure Unauthenticated Remote Code Execution', 'Description' = %q This module chains a server side request forgery SSRF...

9.1CVSS7.4AI score0.99999EPSS
Exploits26
Packet Storm
Packet Storm
added 2024/02/21 12:0 a.m.713 views

Yealink Configuration Encrypt Tool Static AES Key

CloudAware Security Advisory CVE-2024-24681: Insecure AES key in Yealink Configuration Encrypt Tool ======================================================================== Summary ======================================================================== A single, vendorwide, hardcoded AES key in...

7.4AI score0.01025EPSS
Exploits1
Total number of security vulnerabilities50738