wecube-platform icon indicating copy to clipboard operation
wecube-platform copied to clipboard
verified publisher icon WeBankPartners

CWE-312 Cleartext Storage of Sensitive Information

Open 0x30Rizk opened this issue 3 years ago • 0 comments

描述您遇到的bug
terminal plugin <= v1.0.2,該密碼已明文顯示

如何重现 訪問至terminal plugin的configuratioin檔案

预期行为 顯示明文密碼,攻擊者可能透過這資訊ssh連線至主機

截图
01

附加

0x30Rizk avatar Aug 05 '22 12:08 0x30Rizk