sahiloj/CVE-2023-33730

Releases0

Stars1

CVE-2023-33730 | eScan Management Console 14.0.1400.2281 | Privilege escalation via `GetUserCurrentPwd` function lets attackers retrieve any user's password in plain text.

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2023-33730 ↗	May 31, 2023Wednesday, 31 May 2023, 20:15	9.8 CRITICAL	—
Privilege Escalation in the "GetUserCurrentPwd" function in Microworld Technologies eScan Management Console 14.0.1400.2281 allows any remote attacker to retrieve password of any admin or normal user in plain text format.