Unrated severityNVD Advisory· Published Jun 18, 2008· Updated Apr 23, 2026

CVE-2008-2747

Description

No-IP Dynamic Update Client (DUC) 2.2.1 on Windows uses weak permissions for the HKLM\SOFTWARE\Vitalwerks\DUC registry key, which allows local users to obtain obfuscated passwords and other sensitive information by reading the (1) TrayPassword, (2) Username, (3) Password, and (4) Hosts registry values.

Affected products

No Ip/Dynamic Update Client
cpe:2.3:a:no-ip:dynamic_update_client:2.2.1:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/30714nvdVendor Advisory
securityreason.com/securityalert/3952nvd
www.securityfocus.com/archive/1/493367/100/0/threadednvd
www.securityfocus.com/bid/29758nvd
exchange.xforce.ibmcloud.com/vulnerabilities/43298nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000