Main Vulnerability Database Exploits ID:10944 - Exploit for Use of hard-coded credentials in Web Help Desk - CVE-2024-28987

ID:10944 - Exploit for Use of hard-coded credentials in Web Help Desk - CVE-2024-28987

Published: December 6, 2024

Vulnerability identifier: #VU96465

Vulnerability risk: Critical

CVE-ID: CVE-2024-28987

CWE-ID: CWE-798

Exploitation vector: Remote access

Vulnerable software:
Web Help Desk

Link to public exploit:

https://github.com/gh-ost00/CVE-2024-28987-POC

Vulnerability description

The vulnerability allows a remote attacker to gain full access to vulnerable system.

The vulnerability exists due to presence of hard-coded credentials in application's code. A remote unauthenticated attacker can access the affected system using the hard-coded credentials.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Remediation

Install update from vendor's website.

ID:10944 - Exploit for Use of hard-coded credentials in Web Help Desk - CVE-2024-28987

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human