Vulnerabilities

CVE-2024-1344

by Fred · 19/02/2024

Encrypted database credentials in LaborOfficeFree affecting version 19.10. This vulnerability allows an attacker to read and extract the username and password from the database of ‘LOF_service.exe’ and ‘LaborOfficeFree.exe’ located in the ‘%programfiles(x86)%LaborOfficeFree’ directory. This user can log in remotely and has root-like privileges.

More information : https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-laborofficefree

Similar

Tags: Cybersecurity Alert