| CVE ID | |
| CVSS SCORE | 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P |
| AFFECTED VENDORS |
Ecava |
| AFFECTED PRODUCTS |
IntegraXor |
| VULNERABILITY DETAILS |
The specific flaw exists within the storing of credentials in cleartext. The issue lies in the ability to bypass file access restrictions. This can be used along with the automatic creation of backup files, which are created whenever changes are made to a project. By abusing this flaw an attacker can disclose credentials and possibly leverage this situation to achieve remote code execution. |
| ADDITIONAL DETAILS | |
| DISCLOSURE TIMELINE |
|
| CREDIT | Alphazorx aka technically.screwed |
