CVE-2024-1346
Description
Weak MySQL database root password in LaborOfficeFree affects version 19.10. This vulnerability allows an attacker to calculate the root password of the MySQL database used by LaborOfficeFree using two constants.
NVD
Severity: N/A
CVE ID: CVE-2024-1346
CVSS Score: N/A
CVSS Metrics: NVD assessment not yet provided.
Spanish National Cybersecurity Institute, S.A. (INCIBE)
Severity: MEDIUM
CVE ID: CVE-2024-1346
CVSS Score: 6.8
CVSS Metrics: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
Proof Of Concept
PeterGabaldon
Weak MySQL database root password in LaborOfficeFree affects version 19.10. This vulnerability allows an attacker to calculate the root password of the MySQL database used by LaborOfficeFree using two constants.
Refrence: GitHub