Page 2 of 11 results (0.008 seconds)
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2023-49599
https://notcve.org/view.php?id=CVE-2023-49599
10 Jan 2024 — An insufficient entropy vulnerability exists in the salt generation functionality of WWBN AVideo dev master commit 15fed957fb. A specially crafted series of HTTP requests can lead to privilege escalation. An attacker can gather system information via HTTP requests and brute force the salt offline, leading to forging a legitimate password recovery code for the admin user. Existe una vulnerabilidad de entropía insuficiente en la funcionalidad salt generation de WWBN AVideo dev master commit 15fed957fb. Una se... • https://talosintelligence.com/vulnerability_reports/TALOS-2023-1900 • CWE-331: Insufficient Entropy •