Published: 19/02/2024 Updated: 20/02/2024

Weak MySQL database root password in LaborOfficeFree affects version 19.10. This vulnerability allows an malicious user to calculate the root password of the MySQL database used by LaborOfficeFree using two constants.

LaborOfficeFree installs a MySQL instance that runs as SYSTEM and calculates the MySQL root password based on two constants Each time the program needs to connect to MySQL as root, it employs the reverse algorithm to calculate the root password This issue has been tested on version 1910 exclusively, but allegedly, versions prior to 1910 are als ...

Weak MySQL database root password in LaborOfficeFree affects version 19.10. This vulnerability allows an attacker to calculate the root password of the MySQL database used by LaborOfficeFree using two constants.

CVE-2024-1346 Weak MySQL database root password in LaborOfficeFree affects version 1910 This vulnerability allows an attacker to calculate the root password of the MySQL database used by LaborOfficeFree using two constants Exploit Title: LaborOfficeFree 1910 MySQL Root Password Calculator - CVE-2024-1346 Google Dork: N/A Date: 09/02/2023 Exploit Author: Peter Gabaldon - htt

CWE-521 https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-laborofficefree https://nvd.nist.gov https://github.com/PeterGabaldon/CVE-2024-1346 https://packetstormsecurity.com/files/177087/LaborOfficeFree-19.10-MySQL-Root-Password-Calculator.html

CVE-2024-1346

Vulnerability Summary

Vulnerability Trend

Exploits

Github Repositories

References

Vulmon Search

About

Products

Connect