cve/2019/CVE-2019-16067.md

### [CVE-2019-16067](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16067)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

NETSAS Enigma NMS 65.0.0 and prior utilises basic authentication over HTTP for enforcing access control to the web application. The use of weak authentication transmitted over cleartext protocols can allow an attacker to steal username and password combinations by intercepting authentication traffic in transit.

### POC

#### Reference
- https://www.mogozobo.com/?p=3647
- https://www.mogozobo.com/?p=3647

#### Github
No PoCs found on GitHub currently.
Update Sun May 26 14:27:04 CEST 2024 2024-05-26 14:27:05 +02:00			`### [CVE-2019-16067](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16067)`
			`![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)`

			`### Description`

			`NETSAS Enigma NMS 65.0.0 and prior utilises basic authentication over HTTP for enforcing access control to the web application. The use of weak authentication transmitted over cleartext protocols can allow an attacker to steal username and password combinations by intercepting authentication traffic in transit.`

			`### POC`

			`#### Reference`
			`- https://www.mogozobo.com/?p=3647`
Update CVE sources 2024-06-09 00:33 2024-06-09 00:33:16 +00:00			`- https://www.mogozobo.com/?p=3647`
Update Sun May 26 14:27:04 CEST 2024 2024-05-26 14:27:05 +02:00
			`#### Github`
			`No PoCs found on GitHub currently.`