CVE-2022-24581

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://aceware.com", "name": "http://aceware.com", "tags": [], "refsource": "MISC"}, {"url": "http://aceweb.com", "name": "http://aceweb.com", "tags": [], "refsource": "MISC"}, {"url": "https://www.aceware.com/forum/viewtopic.php?f=7&t=481", "name": "https://www.aceware.com/forum/viewtopic.php?f=7&t=481", "tags": [], "refsource": "MISC"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "ACEweb Online Portal 3.5.065 allows unauthenticated SMB hash capture via UNC. By specifying the UNC file path of an external SMB share when uploading a file, an attacker can induce the victim server to disclose the username and password hash of the user executing the ACEweb Online software."}]}, "problemtype": {"problemtype_data": [{"description": []}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2022-24581", "ASSIGNER": "cve@mitre.org"}}, "impact": {}, "publishedDate": "2022-06-02T14:15Z", "configurations": {"nodes": [], "CVE_data_version": "4.0"}, "lastModifiedDate": "2022-06-02T14:53Z"}