VYPR

Education Pro

by Impero Software

CVEs (2)

  • CVE-2015-5998Sep 14, 2015
    risk 0.00cvss epss 0.03

    Impero Education Pro before 5105 relies on the -1|AUTHENTICATE\x02PASSWORD string for authentication, which allows remote attackers to execute arbitrary programs via an encrypted command.

  • CVE-2015-5997Sep 14, 2015
    risk 0.00cvss epss 0.02

    Impero Education Pro before 5105 uses a hardcoded CBC key and initialization vector derived from a hash of the Imp3ro string, which makes it easier for remote attackers to obtain plaintext data by sniffing the network for ciphertext data.