Security Advisory

CVE-2022-24581

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-05-27 18:29:47

Last updated 2024-08-03 04:13:56

Assigner mitre

State PUBLISHED

Description

ACEweb Online Portal 3.5.065 allows unauthenticated SMB hash capture via UNC. By specifying the UNC file path of an external SMB share when uploading a file, an attacker can induce the victim server to disclose the username and password hash of the user executing the ACEweb Online software.

← Browse all CVEs View on cve.org ↗