← back
CVE-2024-28275

CVE-2024-28275

CVSS 6.5 MEDIUMEPSS 0.3%CWE-319
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 6.5EPSS 0.3%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
03 Apr 2024Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Puwell Cloud Tech Co, Ltd 360Eyes Pro v3.9.5.16(3090516) was discovered to transmit sensitive information in cleartext. This vulnerability allows attackers to intercept and access sensitive information, including users' credentials and password change requests.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://paste.sr.ht/~edaigle/0b4a037fbd3166c8c72fee18efaa7decaf75b0abhttps://paste.sr.ht/~edaigle/c9637d682b65e6501efb1324bba7787a2f775ff4