exploitDog

CVE-2019-19021

Опубликовано: 02 дек. 2019

Источник: nvd

CVSS3: 9.8

CVSS2: 7.5

EPSS Низкий

Описание

An issue was discovered in TitanHQ WebTitan before 5.18. It has a hidden support account (with a hard-coded password) in the web administration interface, with administrator privileges. Anybody can log in with this account.

Ссылки

https://write-up.github.io/webtitan/
Exploit
Third Party Advisory
https://www.webtitan.com/resources/product-updates/
Release Notes
Vendor Advisory
https://write-up.github.io/webtitan/
Exploit
Third Party Advisory
https://www.webtitan.com/resources/product-updates/
Release Notes
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:titanhq:webtitan:*:*:*:*:*:*:*:*

Версия до 5.18 (исключая)

EPSS

Процентиль: 62%

0.00436

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-798

Связанные уязвимости

GHSA-rcmf-fgmg-6243

github

больше 3 лет назад

An issue was discovered in TitanHQ WebTitan before 5.18. It has a hidden support account (with a hard-coded password) in the web administration interface, with administrator privileges. Anybody can log in with this account.

EPSS

Процентиль: 62%

0.00436

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-798