CVE-2020-6857
Published 2020-01-21. CVE-2020-6857: CarbonFTP v1.4 uses insecure proprietary password encryption with a hard-coded weak encryption key. The key for local FTP server passwords is hard-coded in the…
Priority: P4 28 · medium · 5.5 (CVSS 3.1)
CVSS vector components: AV:L AC:L PR:L UI:N S:U C:H I:N A:N
Exploit: available (see the Exploit-DB entries below)
EPSS: 0.97% (57.3rd percentile)
CarbonFTP v1.4 uses insecure proprietary password encryption with a hard-coded weak encryption key. The key for local FTP server passwords is hard-coded in the binary.
Affected
1 range
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| taskautomation | carbonftp | — | — |
CVSS provenance
NVD, CVSS v3.1: 5.5 MEDIUM, CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
NVD, CVSS v2.0: 2.1 LOW, AV:L/AC:L/Au:N/C:P/I:N/A:N
No detection rules found.
Exploit-DB
Neowise CarbonFTP 1.4 - Insecure Proprietary Password Encryption
exploitdb·2020-04-21·CVSS 5.5
---
# Title: Neowise CarbonFTP 1.4 - Insecure Proprietary Password Encryption
# Date: 2020-04-20
# Author: hyp3rlinx
# Vendor:
# CVE: CVE-2020-6857
import time, string, sys, argparse, os, codecs
#Fixed: updated for Python 3, the hex decode() function was not working in Python 3 version.
#This should be compatible for Python 2 and 3 versions now, tested successfully.
#Sample test password
#LOOOOONGPASSWORD! = 219042273422734224782298223744247862350210947
key="97F" #2431 in decimal, the weak hardcoded encryption key within the vuln program.
chunk_sz=5 #number of bytes we must decrypt the password by.
#Password is stored here:
#C:\Users\\AppData\Roaming\Neowise\CarbonFTPProjects\.CFTP
#Neowise CarbonFTP v1.4
#Insecure Pro
Exploit-DB
NEOWISE CARBONFTP 1.4 - Weak Password Encryption
exploitdb·2020-01-21·CVSS 5.5
---
# Exploit Title: NEOWISE CARBONFTP 1.4 - Weak Password Encryption
# discovery Date: 2019-01-24
# published : 2020-01-20
# Exploit Author: hyp3rlinx
# Vendor Homepage: https://www.neowise.com
# Software Link: https://www.neowise.com/freeware/
# Version: 1.4
[+] Credits: John Page (aka hyp3rlinx)
[+] Website: hyp3rlinx.altervista.org
[+] Source: http://hyp3rlinx.altervista.org/advisories/NEOWISE-CARBONFTP-v1.4-INSECURE-PROPRIETARY-PASSWORD-ENCRYPTION.txt
[+] twitter.com/hyp3rlinx
[+] ISR: ApparitionSec
[Vendor]
www.neowise.com
[Product]
CarbonFTP v1.4
CarbonFTP is a file synchronization tool that enables you to synch local files with a remote FTP server and vice versa.
It provides a step-by-step wizard to select the folders to be s
No writeups or analysis indexed.
References:
- http://hyp3rlinx.altervista.org
- http://packetstormsecurity.com/files/156015/Neowise-CarbonFTP-1.4-Insecure-Proprietary-Password-Encryption.html
- http://packetstormsecurity.com/files/157321/Neowise-CarbonFTP-1.4-Insecure-Proprietary-Password-Encryption.html
- http://seclists.org/fulldisclosure/2020/Jan/29
- http://seclists.org/fulldisclosure/2020/Jan/35
- https://seclists.org/bugtraq/2020/Jan/30
Published: 2020-01-21