Lucene search
Veracode Vulnerability DatabaseVERACODE:36971HistorySep 08, 2022 - 4:37 a.m.
Weak Encryption
2022-09-0804:37:34
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8
0.091 Low
EPSS
Percentile
94.7%
Blink1Control2 contains weak encryption. The vulnerability exists in start function in server/skypeService.js because the passwords in event rules are not properly handled, allowing an attacker to access unauthorized information in the system.
| CPE | Name | Operator | Version |
|---|---|---|---|
| blink1control2 | le | 2.2.2 | |
| blink1control2 | le | 2.2.2 |
References
packetstormsecurity.com/files/168428/Blink1Control2-2.2.7-Weak-Password-Encryption.html
github.com/advisories/GHSA-jqhq-pfg3-fg5p
github.com/p1ckzi/CVE-2022-35513
github.com/todbot/Blink1Control2/commit/efe174823f67bbdcee8863e02df67a130f132075
github.com/todbot/Blink1Control2/issues/175
github.com/todbot/Blink1Control2/releases
github.com/topics/cve-2022-35513
Related
zdt
zdt
Blink1Control2 2.2.7 - Weak Password Encryption Exploit
2022-09-20 00:00:00
prion
prion
Design/Logic Flaw
2022-09-07 14:15:00
cve
cve
CVE-2022-35513
2022-09-07 14:15:09
github
github
Blink1Control2 uses weak password encryption
2022-09-08 00:00:30
packetstorm
packetstorm
Blink1Control2 2.2.7 Weak Password Encryption
2022-09-20 00:00:00
osv
osv
Blink1Control2 uses weak password encryption
2022-09-08 00:00:30
CVE-2022-35513
2022-09-07 14:15:09
cvelist
cvelist
CVE-2022-35513
2022-09-07 13:54:18
nvd
nvd
CVE-2022-35513
2022-09-07 14:15:09
exploitdb
exploitdb
Blink1Control2 2.2.7 - Weak Password Encryption
2022-09-20 00:00:00