{"uuid": "7783dd98-9cac-4f56-83e9-025e8b1beb5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-39420", "type": "seen", "source": "https://t.me/cibsecurity/70074", "content": "\u203c CVE-2023-39420 \u203c\n\nThe RDPCore.dll component as used in the IRM Next Generation booking engine, allows a remote user to connect to customers with an \"admin\" account and a corresponding password computed daily by a routine inside the DLL file. Once reverse-engineered, this routine can help an attacker generate the daily password and connect to application customers. Given that this is an administrative account, anyone logging into a customer deployment has full, unrestricted access to the application.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-07T16:19:01.000000Z"}