CVE-2022-22789
Charactell - FormStorm Enterprise Account Take Over
Charactell - FormStorm Enterprise Account takeover – An attacker can modify (add, remove and update) passwords file for all the users. The xx_users.ini file in the FormStorm folder contains usernames in cleartext and an obfuscated password. Malicious user can take over an account by replacing existing password in the file.
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:L
Produtos afetados
Charactell · FormStorm EnterpriseQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →