cve/2023/CVE-2023-33730.md

### [CVE-2023-33730](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33730)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

Privilege Escalation in the "GetUserCurrentPwd" function in Microworld Technologies eScan Management Console 14.0.1400.2281 allows any remote attacker to retrieve password of any admin or normal user in plain text format.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/sahiloj/CVE-2023-33730
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`### [CVE-2023-33730](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33730)`
			`![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)`

			`### Description`

			`Privilege Escalation in the "GetUserCurrentPwd" function in Microworld Technologies eScan Management Console 14.0.1400.2281 allows any remote attacker to retrieve password of any admin or normal user in plain text format.`

			`### POC`

			`#### Reference`
			`No PoCs from references.`

			`#### Github`
			`- https://github.com/nomi-sec/PoC-in-GitHub`
			`- https://github.com/sahiloj/CVE-2023-33730`