VYPR

RVTools

by RVTools

CVEs (2)

  • CVE-2023-44303HigNov 24, 2023
    risk 0.49cvss 7.5epss 0.00

    RVTools, Version 3.9.2 and above, contain a sensitive data exposure vulnerability in the password encryption utility (RVToolsPasswordEncryption.exe) and main application (RVTools.exe). A remote unauthenticated attacker with access to stored encrypted passwords from a users'…

  • CVE-2020-27688HigNov 5, 2020
    risk 0.49cvss 7.5epss 0.02

    RVToolsPasswordEncryption.exe in RVTools 4.0.6 allows users to encrypt passwords to be used in the configuration files. This encryption used a static IV and key, and thus using the Decrypt() method from VISKD.cs from the RVTools.exe executable allows for decrypting the encrypted…