Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Aquarius Desktop 3.0.069 for macOS stores user authentication credentials in the local file ~/Library/Application Support/Aquarius/aquarius.settings using a weak obfuscation scheme. The password is "encrypted" through predictable byte-substitution that can be trivially reversed, allowing immediate recovery of the plaintext value. Any attacker who can read this settings file can fully compromise the victim's Aquarius account by importing the stolen configuration into their own client or login through the vendor website. This results in complete account takeover, unauthorized access to cloud-synchronized data, and the ability to perform authenticated actions as the user.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Plugin Alliance Aquarius Desktop 安全漏洞
Vulnerability Description
Plugin Alliance Aquarius Desktop是美国Plugin Alliance公司的一个音频插件管理软件。 Plugin Alliance Aquarius Desktop 3.0.069版本存在安全漏洞,该漏洞源于使用弱混淆方案存储用户认证凭据,可能导致账户完全接管。
CVSS Information
N/A
Vulnerability Type
N/A