Lucene search
Veracode Vulnerability DatabaseVERACODE:36971HistorySep 08, 2022 - 4:37 a.m.
Weak Encryption
2022-09-0804:37:34
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8
weak encryption
blink1control2
vulnerability
start function
server
event rules
unauthorized access
software
EPSS
0.091
Percentile
94.7%
Blink1Control2 contains weak encryption. The vulnerability exists in start function in server/skypeService.js because the passwords in event rules are not properly handled, allowing an attacker to access unauthorized information in the system.
References
packetstormsecurity.com/files/168428/Blink1Control2-2.2.7-Weak-Password-Encryption.html
github.com/advisories/GHSA-jqhq-pfg3-fg5p
github.com/p1ckzi/CVE-2022-35513
github.com/todbot/Blink1Control2/commit/efe174823f67bbdcee8863e02df67a130f132075
github.com/todbot/Blink1Control2/issues/175
github.com/todbot/Blink1Control2/releases
github.com/topics/cve-2022-35513
Related
prion
prion
Design/Logic Flaw
2022-09-07 14:15:00
zdt
zdt
Blink1Control2 2.2.7 - Weak Password Encryption Exploit
2022-09-20 00:00:00
github
github
Blink1Control2 uses weak password encryption
2022-09-08 00:00:30
cve
cve
CVE-2022-35513
2022-09-07 14:15:09
osv
osv
CVE-2022-35513
2022-09-07 14:15:09
Blink1Control2 uses weak password encryption
2022-09-08 00:00:30
cvelist
cvelist
CVE-2022-35513
2022-09-07 13:54:18
nvd
nvd
CVE-2022-35513
2022-09-07 14:15:09
exploitdb
exploitdb
Blink1Control2 2.2.7 - Weak Password Encryption
2022-09-20 00:00:00
packetstorm
packetstorm
Blink1Control2 2.2.7 Weak Password Encryption
2022-09-20 00:00:00