Skip to main content

Dtisqlinstaller

2 CVEs product

Monthly

CVE-2018-5552 LOW POC Monitor

Versions of DocuTrac QuicDoc and Office Therapy that ship with DTISQLInstaller.exe version 1.6.4.0 and prior contains a hard-coded cryptographic salt, "S@l+&pepper". Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Information Disclosure Dtisqlinstaller
NVD
CVSS 3.0
3.3
EPSS
0.2%
CVE-2018-5551 CRITICAL POC Act Now

Versions of DocuTrac QuicDoc and Office Therapy that ship with DTISQLInstaller.exe version 1.6.4.0 and prior contain three credentials with known passwords: QDMaster, OTMaster, and sa. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Microsoft Dtisqlinstaller
NVD
CVSS 3.0
10.0
EPSS
1.7%
EPSS 0% CVSS 3.3
LOW POC Monitor

Versions of DocuTrac QuicDoc and Office Therapy that ship with DTISQLInstaller.exe version 1.6.4.0 and prior contains a hard-coded cryptographic salt, "S@l+&pepper". Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Information Disclosure Dtisqlinstaller
NVD
EPSS 2% CVSS 10.0
CRITICAL POC Act Now

Versions of DocuTrac QuicDoc and Office Therapy that ship with DTISQLInstaller.exe version 1.6.4.0 and prior contain three credentials with known passwords: QDMaster, OTMaster, and sa. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Microsoft Dtisqlinstaller
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy