CVE-2024-40457 | No-IP Dynamic Update Client 3.x /etc/default/noip-duc missing encryption

Posted by Angelo Barbosa | Sep 12, 2024 | CVE

A vulnerability was found in No-IP Dynamic Update Client 3.x. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /etc/default/noip-duc. The manipulation leads to missing encryption of sensitive data.

This vulnerability is known as CVE-2024-40457. Local access is required to approach this attack. There is no exploit available.

The real existence of this vulnerability is still doubted at the moment.

CVE-2024-40457 | No-IP Dynamic Update Client 3.x /etc/default/noip-duc missing encryption

Related Posts

CVE-2024-7114 | Tianchoy Blog up to 1.8.8 /so.php search sql injection

CVE-2024-36010 | Linux Kernel prior 6.8 igb_main.c igb_set_fw_version allocation of resources (c56d055893cb)

CVE-2024-7795 | Autel MaxiCharger AC Elite Business C50 AppAuthenExchangeRandomNum stack-based overflow (ZDI-24-1154)

CVE-2024-1959 | Social Sharing Plugin Plugin up to 4.4.6.1 on WordPress Shortcode cross site scripting