An improper input validation vulnerability has been discovered that could allow an adversary to inject a UNC path via a malicious project file. This allows an adversary to capture NLTMv2 hashes and potentially crack them offline.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ptc kepware kepserverex |
||
ptc thingworx kepware server |
||
ptc thingworx industrial connectivity |