← voltar
CVE-2020-21994

CVE-2020-21994

EPSS 3.7%
AVE DOMINAplus <=1.10.x suffers from clear-text credentials disclosure vulnerability that allows an unauthenticated attacker to issue a request to an unprotected directory that hosts an XML file '/xml/authClients.xml' and obtain administrative login information that allows for a successful authentication bypass attack.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://cwe.mitre.org/data/definitions/522.htmlhttps://www.exploit-db.com/exploits/47819https://www.zeroscience.mk/en/vulnerabilities/ZSL-2019-5550.php