← volver
CVE-2020-21994

CVE-2020-21994

EPSS 3.7%
AVE DOMINAplus <=1.10.x suffers from clear-text credentials disclosure vulnerability that allows an unauthenticated attacker to issue a request to an unprotected directory that hosts an XML file '/xml/authClients.xml' and obtain administrative login information that allows for a successful authentication bypass attack.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://cwe.mitre.org/data/definitions/522.htmlhttps://www.exploit-db.com/exploits/47819https://www.zeroscience.mk/en/vulnerabilities/ZSL-2019-5550.php