ABB Cylon Aspect 3.07.02 suffers from a weak password policy in userManagement.php, allowing users to set simple or empty passwords and usernames without constraints. This flaw weakens account security and lets attackers use weak credentials to gain unauthorized access.
The exploit involves creating a malicious Windows theme file that contains a link to an attacker-controlled SMB server. When the victim opens this theme file, their NTLM hash is captured by the attacker. This vulnerability is identified as CVE-2024-21320.
An API-level vulnerability in Nagios Log Server 2024R1.3.1 allows any user with a valid API token to retrieve a full list of user accounts along with their plaintext API keys, including administrator credentials. This flaw enables user enumeration, privilege escalation, and full system compromise via unauthorized use of exposed tokens.
An attacker can access sensitive credentials including username, password, and host information by navigating to the storage/logs/laravel.log file in Laravel-based websites and searching for 'PDO->__construct('mysql:host='. This can lead to unauthorized access to the system.
IBM i Access Client Solutions (ACS) is vulnerable to remote credential theft on Windows workstations with NT LAN Manager (NTLM) enabled. By creating UNC paths in ACS 5250 display terminal configuration files, attackers can point to a malicious server, capturing NTLM hash information when the user opens the file, leading to credential theft.
Electrolink FM/DAB/TV Transmitter devices are prone to a credentials disclosure vulnerability. Attackers can exploit this issue to gain unauthorized access to sensitive information, potentially leading to further attacks.
IBM i Access Client Solutions (ACS) is vulnerable to remote credential theft when NT LAN Manager (NTLM) is enabled on Windows workstations. By creating UNC paths within ACS configuration files pointing to a malicious server, attackers can capture NTLM hash information and obtain user credentials.
ClickCMS is prone to a denial-of-service vulnerability and a CAPTCHA-bypass vulnerability. Attackers can leverage these issues to cause the affected server to stop responding or to bypass certain security mechanisms.
Exponent CMS 2.6 is vulnerable to Stored XSS, Database Credential Disclosure, and Authentication Bruteforce. An attacker can inject malicious code into the 'http://127.0.0.1:8082/expcms/text/edit/id/{id}/src/@footer' parameter to execute arbitrary code. Database credentials are disclosed in the response. An attacker can also brute-force the authentication credentials using the provided Python script.
NETGEAR ReadyNAS LAN /dbbroker Credential Stealing is a vulnerability that allows an attacker to steal credentials from a NETGEAR ReadyNAS LAN device. The exploit uses Scapy to sniff the network traffic and extract the credentials from the POST request sent to the dbbroker. The credentials are then decoded from base64 and printed to the screen.