Vulnerability Details CVE-2021-26550
An issue was discovered in SmartFoxServer 2.17.0. Cleartext password disclosure can occur via /config/server.xml.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 21.2%
CVSS Severity
CVSS v3 Score 5.5
CVSS v2 Score 2.1
References
- http://packetstormsecurity.com/files/161337/SmartFoxServer-2X-2.17.0-Credential-Disclosure.html
- https://www.smartfoxserver.com/
- https://www.zeroscience.mk/en/vulnerabilities/
- https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5627.php
- http://packetstormsecurity.com/files/161337/SmartFoxServer-2X-2.17.0-Credential-Disclosure.html
- https://www.smartfoxserver.com/
- https://www.zeroscience.mk/en/vulnerabilities/
- https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5627.php
Products affected by CVE-2021-26550
-
cpe:2.3:a:smartfoxserver:smartfoxserver:2.17.0