← Volver a CVEs
CVE-2025-26849
MEDIUM4.3
Descripcion
There is a Hard-coded Cryptographic Key in Docusnap 13.0.1440.24261, and earlier and later versions. This key can be used to decrypt inventory files that contain sensitive information such as firewall rules.
Detalles CVE
Puntuacion CVSS v3.14.3
SeveridadMEDIUM
Vector CVSSCVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
Vector de ataqueLOCAL
ComplejidadLOW
Privilegios requeridosNONE
Interaccion usuarioNONE
Publicado3/4/2025
Ultima modificacion7/7/2025
Fuentenvd
Avistamientos honeypot0
Productos afectados
docusnap:docusnap
Debilidades (CWE)
CWE-1394
Referencias
https://docs.docusnap.com/en/release-notes/changelog/(cve@mitre.org)
https://www.redteam-pentesting.de/en/advisories/rt-sa-2024-012/(134c704f-9b21-4f2e-91b3-4a467353bcc0)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.