Security Advisory

CVE-2023-29446

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-01-10 20:21:51

Last updated 2024-11-14 17:23:37

Assigner Dragos

State PUBLISHED

Description

An improper input validation vulnerability has been discovered that could allow an adversary to inject a UNC path via a malicious project file. This allows an adversary to capture NLTMv2 hashes and potentially crack them offline.

← Browse all CVEs View on cve.org ↗