cve/2024/CVE-2024-1346.md

### [CVE-2024-1346](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1346)
![](https://img.shields.io/static/v1?label=Product&message=LaborOfficeFree%20&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=%3D%2019.10%20%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-521%20Weak%20Password%20Requirements&color=brighgreen)

### Description

Weak MySQL database root password in LaborOfficeFree affects version 19.10. This vulnerability allows an attacker to calculate the root password of the MySQL database used by LaborOfficeFree using two constants.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/PeterGabaldon/CVE-2024-1346
- https://github.com/nomi-sec/PoC-in-GitHub
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`### [CVE-2024-1346](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1346)`
			`![](https://img.shields.io/static/v1?label=Product&message=LaborOfficeFree%20&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=%3D%2019.10%20%20&color=brighgreen)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-521%20Weak%20Password%20Requirements&color=brighgreen)`

			`### Description`

			`Weak MySQL database root password in LaborOfficeFree affects version 19.10. This vulnerability allows an attacker to calculate the root password of the MySQL database used by LaborOfficeFree using two constants.`

			`### POC`

			`#### Reference`
			`No PoCs from references.`

			`#### Github`
			`- https://github.com/PeterGabaldon/CVE-2024-1346`
			`- https://github.com/nomi-sec/PoC-in-GitHub`