2024-02-19 11:19:39
INCIBE
PUBLISHED
Encrypted database credentials in LaborOfficeFree affecting version 19.10. This vulnerability allows an attacker to read and extract the username and password from the database of LOF_service.exe and LaborOfficeFree.exe located in the %programfiles(x86)%LaborOfficeFree directory. This user can log in remotely and has root-like privileges.