CVE-2024-45713 – SolarWinds Kiwi CatTools Sensitive Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-45713
SolarWinds Kiwi CatTools is susceptible to a sensitive data disclosure vulnerability when a non-default setting has been enabled for troubleshooting purposes. • https://www.solarwinds.com/trust-center/security-advisories/CVE-2024-45713 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVE-2021-35230 – Unquoted Path Vulnerability (SMB Login) in Kiwi CatTools
https://notcve.org/view.php?id=CVE-2021-35230
As a result of an unquoted service path vulnerability present in the Kiwi CatTools Installation Wizard, a local attacker could gain escalated privileges by inserting an executable into the path of the affected service or uninstall entry. Como resultado de una vulnerabilidad de ruta de servicio no citada presente en el Asistente de Instalación de Kiwi CatTools, un atacante local podría alcanzar privilegios escalados al insertar un ejecutable en la ruta del servicio afectado o en la entrada de desinstalación • https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35230 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •