CVE-2024-43812

HIGH Year: 2024
CVSS v3 Score
8.4
High
Weakness Type
CWE-522
View all →

Vulnerability Description

Kieback & Peter's DDC4000 series has an insufficiently protected credentials vulnerability, which may allow an unauthenticated attacker with access to /etc/passwd to read the password hashes of all users on the system.

Related Vulnerabilities

CVE-1999-0013

HIGH
CVSS:8.4(High)

Stolen credentials from SSH clients via ssh-agent program, allowing other local users to access remote accounts belonging to the ssh-agent user.

CWE-5221999

CVE-2017-18777

HIGH
CVSS:8.4(High)

Certain NETGEAR devices are affected by administrative password disclosure. This affects D6220 before V1.0.0.28, D6400 before V1.0.0.60, D8500 before V1.0.3.29, DGN2200v4 before 1.0.0.82, DGN2200Bv4 b...

CWE-5222017

CVE-2017-18843

HIGH
CVSS:8.4(High)

Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects R6700v2 before 1.1.0.38, R6800 before 1.1.0.38, and D7000 before 1.0.1.50.

CWE-5222017

CVE-2017-18844

HIGH
CVSS:8.4(High)

Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects R6700v2 before 1.1.0.38, R6800 before 1.1.0.38, and D7000 before 1.0.1.50.

CWE-5222017

CVE-2017-18845

HIGH
CVSS:8.4(High)

Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects R6700v2 before 1.1.0.38 and R6800 before 1.1.0.38.

CWE-5222017

CVE-2017-5700

HIGH
CVSS:8.4(High)

Insufficient protection of password storage in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows local attackers to bypass Administrator ...

CWE-5222017