Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Use of Hard-coded Credentials in RDPCore.dll
Vulnerability Description
The RDPCore.dll component as used in the IRM Next Generation booking engine, allows a remote user to connect to customers with an "admin" account and a corresponding password computed daily by a routine inside the DLL file. Once reverse-engineered, this routine can help an attacker generate the daily password and connect to application customers. Given that this is an administrative account, anyone logging into a customer deployment has full, unrestricted access to the application.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Vulnerability Type
使用硬编码的凭证
Vulnerability Title
Internet Reservation Module Booking Engine 信任管理问题漏洞
Vulnerability Description
Internet Reservation Module Booking Engine是一个预定平台。 Internet Reservation Module Booking Engine存在信任管理问题漏洞,该漏洞源于。
CVSS Information
N/A
Vulnerability Type
N/A