Search Results | AttackerKB

Show filters

Topics 4 Users 9,714

Clear All

Disclosure Date

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

4 Total Results

Displaying 1-4 of 4

Attacker Value

Unknown

CVE-2023-37362

Disclosure Date: July 19, 2023 (last updated October 08, 2023)

Weintek Weincloud v0.13.6 could allow an attacker to abuse the registration functionality to login with testing credentials to the official website.

Attack Vector: Network Privileges: Low User Interaction: None

0

Attacker Value

Unknown

CVE-2023-35134

Disclosure Date: July 19, 2023 (last updated October 08, 2023)

Weintek Weincloud v0.13.6 could allow an attacker to reset a password with the corresponding account’s JWT token only.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2023-34429

Disclosure Date: July 19, 2023 (last updated October 08, 2023)

Weintek Weincloud v0.13.6 could allow an attacker to cause a denial-of-service condition for Weincloud by sending a forged JWT token.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2023-32657

Disclosure Date: July 19, 2023 (last updated October 08, 2023)

Weintek Weincloud v0.13.6 could allow an attacker to efficiently develop a brute force attack on credentials with authentication hints from error message responses.

Attack Vector: Network Privileges: None User Interaction: None

0