Security Advisory

CVE-2021-40846

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-03-04 21:33:05

Last updated 2024-08-04 02:51:07

Assigner mitre

State PUBLISHED

Description

An issue was discovered in Rhinode Trading Paints through 2.0.36. TP Updater.exe uses cleartext HTTP to check, and request, updates. Thus, attackers can man-in-the-middle a victim to download a malicious binary in place of the real update, with no SSL errors or warnings.

← Browse all CVEs View on cve.org ↗