ACEweb Online Portal 3.5.065 allows unauthenticated SMB hash capture via UNC. By specifying the UNC file path of an external SMB share when uploading a file, an attacker can induce the victim server to disclose the username and password hash of the user executing the ACEweb Online software.

Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku

Kaynak: National Vulnerability Database