RSS   Vulnerabilities for 'Impero education pro'   RSS

2015-09-14
 
CVE-2015-5998

 

 
Impero Education Pro before 5105 relies on the -1|AUTHENTICATE\x02PASSWORD string for authentication, which allows remote attackers to execute arbitrary programs via an encrypted command.

 
 
CVE-2015-5997

 

 
Impero Education Pro before 5105 uses a hardcoded CBC key and initialization vector derived from a hash of the Imp3ro string, which makes it easier for remote attackers to obtain plaintext data by sniffing the network for ciphertext data.

 


Copyright 2024, cxsecurity.com

 

Back to Top