CVE-2024-1224

HIGH Year: 2024
CVSS v3 Score
7.1
High
Weakness Type
CWE-326
View all →

Vulnerability Description

This vulnerability exists in USB Pratirodh due to the usage of a weaker cryptographic algorithm (hash) SHA1 in user login component. A local attacker with administrative privileges could exploit this vulnerability to obtain the password of USB Pratirodh on the targeted system. Successful exploitation of this vulnerability could allow the attacker to take control of the application and modify the access control of registered users or devices on the targeted system.

Related Vulnerabilities

CVE-2018-18767

HIGH
CVSS:7.0(High)

An issue was discovered in D-Link 'myDlink Baby App' version 2.04.06. Whenever actions are performed from the app (e.g., change camera settings or play lullabies), it communicates directly with the Wi...

CWE-3262018

CVE-2023-27389

HIGH
CVSS:7.2(High)

Inadequate encryption strength vulnerability in CONPROSYS IoT Gateway products allows a remote authenticated attacker with an administrative privilege to apply a specially crafted Firmware update file...

CWE-3262023

CVE-2020-7565

HIGH
CVSS:7.3(High)

A CWE-326: Inadequate Encryption Strength vulnerability exists in Modicon M221 (all references, all versions) that could allow the attacker to break the encryption key when the attacker has captured t...

CWE-3262020

CVE-2025-46626

HIGH
CVSS:7.3(High)

Reuse of a static AES key and initialization vector for encrypted traffic to the 'ate' management service of the Tenda RX2 Pro 16.03.30.14 allows an attacker to decrypt, replay, and/or forge traffic t...

CWE-3262025

CVE-2017-5535

MEDIUM
CVSS:6.8(Medium)

The GridServer Broker, GridServer Driver, and GridServer Engine components of TIBCO Software Inc. TIBCO DataSynapse GridServer Manager contain vulnerabilities related to both the improper use of encry...

CWE-3262017

CVE-2020-27208

MEDIUM
CVSS:6.8(Medium)

The flash read-out protection (RDP) level is not enforced during the device initialization phase of the SoloKeys Solo 4.0.0 & Somu and the Nitrokey FIDO2 token. This allows an adversary to downgrade t...

CWE-3262020