How severe is CVE-2023-33730?

CVE-2023-33730 has a CVSS v3 score of 9.8 (CRITICAL).

CVE-2023-33730

Name: escan_management_console
Author: escanav

9.8CRITICAL

Privilege Escalation in the "GetUserCurrentPwd" function in Microworld Technologies eScan Management Console 14.0.1400.2281 allows any remote attacker to retrieve password of any admin or normal user

发布于: 5/31/2023更新于: 1/10/2025

描述

Privilege Escalation in the "GetUserCurrentPwd" function in Microworld Technologies eScan Management Console 14.0.1400.2281 allows any remote attacker to retrieve password of any admin or normal user in plain text format.

AI分析AI驱动

受影响产品

escanavescan_management_console

14.0.1400.2281

参考资料

https://github.com/sahiloj/CVE-2023-33730/blob/main/CVE-2023-33730.md
ExploitThird Party Advisory
https://github.com/sahiloj/CVE-2023-33730/blob/main/CVE-2023-33730.md
ExploitThird Party Advisory