D-Link D-View 8 Hard-coded JWT Key (CVE-2023-5074)

The D-Link D-View 8 web server running on the remote host uses a hard-coded key to protect a JWT token. An unauthenticated, remote attacker can exploit this, via a specially crafted message, to bypass ...

Continue Reading
Make API Management Less Scary for Your Organization

[![API Management](data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAQAAAC1HAwCAAAAC0lEQVR42mP8Xw8AAoMBgDTD2qgAAAAASUVORK5CYII=)]() While application development has evolved rapidly, the API man ...

Continue Reading
Hardcoded credentials

Dromara Lamp-Cloud before v3.8.1 was discovered to use a hardcoded cryptographic key when creating and verifying a Json Web Token. This vulnerability allows attackers to authenticate to the applicatio ...

Continue Reading
CVE-2023-31579

Dromara Lamp-Cloud before v3.8.1 was discovered to use a hardcoded cryptographic key when creating and verifying a Json Web Token. This vulnerability allows attackers to authenticate to the applicatio ...

Continue Reading
Design/Logic Flaw

light-oauth2 before version 2.1.27 obtains the public key without any verification. This could allow attackers to authenticate to the application with a crafted JWT token.Read More ...

Continue Reading
Dromara Lamp-Cloud Use of Hard-coded Cryptographic Key

Dromara Lamp-Cloud before v3.8.1 was discovered to use a hardcoded cryptographic key when creating and verifying a Json Web Token. This vulnerability allows attackers to authenticate to the applicatio ...

Continue Reading
CVE-2023-31580

light-oauth2 before version 2.1.27 obtains the public key without any verification. This could allow attackers to authenticate to the application with a crafted JWT token.Read More ...

Continue Reading
Dromara Lamp-Cloud Use of Hard-coded Cryptographic Key

Dromara Lamp-Cloud before v3.8.1 was discovered to use a hardcoded cryptographic key when creating and verifying a Json Web Token. This vulnerability allows attackers to authenticate to the applicatio ...

Continue Reading

Back to Main

Subscribe for the latest news: