exploitDog

CVE-2025-26849

Опубликовано: 04 мар. 2025

Источник: nvd

CVSS3: 4.3

EPSS Низкий

Описание

There is a Hard-coded Cryptographic Key in Docusnap 13.0.1440.24261, and earlier and later versions. This key can be used to decrypt inventory files that contain sensitive information such as firewall rules.

Ссылки

https://docs.docusnap.com/en/release-notes/changelog/
Release Notes
https://www.redteam-pentesting.de/en/advisories/rt-sa-2024-012/
Exploit
Third Party Advisory
https://www.redteam-pentesting.de/en/advisories/rt-sa-2024-012/
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:docusnap:docusnap:*:*:*:*:*:*:*:*

Версия до 13.0.1440.24261 (включая)

EPSS

Процентиль: 13%

0.00044

Низкий

4.3 Medium

CVSS3

Дефекты

CWE-1394

Связанные уязвимости

GHSA-rgwp-j8mq-fhc5

CVSS3: 4.3

github

11 месяцев назад

There is a Hard-coded Cryptographic Key in Docusnap 13.0.1440.24261, and earlier and later versions.

EPSS

Процентиль: 13%

0.00044

Низкий

4.3 Medium

CVSS3

Дефекты

CWE-1394