CVE-2024-1346

Summary

Weak MySQL database root password in LaborOfficeFree affects version 19.10. This vulnerability allows an attacker to calculate the root password of the MySQL database used by LaborOfficeFree using two constants.

Affected Software

VendorProductVersion RangeStatus
LaborOfficeFreeLaborOfficeFree19.10affected

Weaknesses

  • CWE-521: CWE-521 Weak Password Requirements

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: total

References