Tencent tdsqlpcloud through 1.8.5 allows unauthenticated remote attackers to discover database credentials via an index.php/api/install/get_db_info request, a related issue to CVE-2023-42387.
References
Link | Resource |
---|---|
https://github.com/Narrator21/tdsql/blob/main/20230927.md | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2023-12-31T00:00:00
Updated: 2023-12-31T06:56:04.687094
Reserved: 2023-12-31T00:00:00
Link: CVE-2023-52286
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-12-31T07:15:07.580
Modified: 2024-01-05T22:06:41.313
Link: CVE-2023-52286
JSON object: View
Redhat Information
No data.
CWE