Critical severity9.8NVD Advisory· Published Jul 19, 2021· Updated Jun 17, 2026
CVE-2021-35965
CVE-2021-35965
Description
The Orca HCM digital learning platform uses a weak factory default administrator password, which is hard-coded in the source code of the webpage in plain text, thus remote attackers can obtain administrator’s privilege without logging in.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Learningdigital.com, Inc./Orca HCMv5Range: unspecified
Patches
Vulnerability mechanics
References
2- www.chtsecurity.com/news/ba7b3ae7-14f3-4970-b3f6-4d97d8c7ea25nvdThird Party Advisory
- www.twcert.org.tw/tw/cp-132-4925-86733-1.htmlnvdThird Party Advisory
News mentions
0No linked articles in our index yet.