by vicarius
log in join community
by @secatgourity
03 Jul 2024
#existing_exploit_analysis

Analyze a CVE exploitation

publish

Understanding the latest MSP credential disclosure vector (CVE-2024-39206)

by @secatgourity
by @secatgourity
03 Jul 2024
#existing_exploit_analysis

Analyze a CVE exploitation

publish

Understanding the latest MSP credential disclosure vector (CVE-2024-39206)

CVEs

CVE-2024-39206
7.5 High Severity

Screenshots from the blog posts

images/cly5j3rsheh8q1gmw6if409sg.jpgimages/cly5j3rsheh8q1gmw6if409sg.jpg

Summary

In this post, we will uncover the magic and decrypt the encrypted passwords for CloudBerry Backup by digging deeper into CVE-2024-39206 vulnerability and understand how it can prove dangerous and let an attacker steal the plain-text passwords.

Script link

GitHub - proactivelabs/msp360-credential-decrypter

Contribute to proactivelabs/msp360-credential-decrypter development by creating an account on GitHub.

image

Description

Tags

#passwords#trendingCVE#latest-tech-stories#MSP360-Backup-Agent#MSP360#decryption#hard-coded-encryption-key

@secatgourity

175 posts

Total vcoins

113.7K

Social media links

Comments (0)