CVE-2023-33730

Published May 31st, 2023

View on NVD ↗

CVSS v3

9.8

CRITICAL

CVSS v2

N/A

Affected

PROJECT

Description

Privilege Escalation in the "GetUserCurrentPwd" function in Microworld Technologies eScan Management Console 14.0.1400.2281 allows any remote attacker to retrieve password of any admin or normal user in plain text format.

sahiloj/CVE-2023-33730

CVE-2023-33730 | eScan Management Console 14.0.1400.2281 | Privilege escalation via `GetUserCurrentPwd` function lets attackers retrieve any user's password in plain text.

GitHub