{"uuid": "d20c4f5b-f64e-4172-9a91-7cb8ebc9f9de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-7407", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9348", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-7407\n\ud83d\udd25 CVSS Score: 8.2 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: Use of a custom password encoding algorithm\u00a0in Streamsoft Presti\u017c software allows straightforward decoding of passwords using their encoded forms, which are stored in the application's database. One has to know the encoding algorithm, but it can be deduced by observing how password are transformed.\u00a0\nThis issue was fixed in 18.2.377 version of the software.\n\ud83d\udccf Published: 2025-03-28T12:54:13.122Z\n\ud83d\udccf Modified: 2025-03-28T12:54:13.122Z\n\ud83d\udd17 References:\n1. https://cert.pl/en/posts/2025/03/CVE-2024-7407/\n2. https://www.streamsoft.pl/streamsoft-prestiz/", "creation_timestamp": "2025-03-28T13:28:04.000000Z"}