CVE-2022-38121

Publication date

2022-11-10 02:20:42

Family

twcert

State

PUBLISHED

Description

UPSMON PRO configuration file stores user password in plaintext under public user directory. A remote attacker with general user privilege can access all users‘ and administrators account names and passwords via this unprotected configuration file.