Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in Rhinode Trading Paints through 2.0.36. TP Updater.exe uses cleartext HTTP to check, and request, updates. Thus, attackers can man-in-the-middle a victim to download a malicious binary in place of the real update, with no SSL errors or warnings.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Rhinode Trading Paints 安全漏洞
Vulnerability Description
Rhinode Trading Paints是美国Rhinode公司的用于为 iRacing 添加了定制的汽车涂装。 Rhinode Trading Paints 2.0.36之前版本存在安全漏洞,该漏洞源于 TP Updater.exe使用明文HTTP来检查和请求更新。因此,攻击者利用该漏洞可以用恶意二进制文件来代替真正的更新诱使攻击者下载,而不会出现SSL错误或警告。
CVSS Information
N/A
Vulnerability Type
N/A