PT-2024-23082 · Unknown · Evolution Controller

Published: 2024-04-14 · Updated: 2024-09-25 · CVE-2024-29844

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Evolution Controller versions 2.x

Description

The issue concerns default credentials on the Web Interface of the affected software, allowing unauthorized access to perform administrative functions. Upon installation or first login, the application does not prompt the user to change the default password, and there is no warning about this potential security risk.

Recommendations

For Evolution Controller versions 2.x, change the default password immediately after installation or first login to prevent unauthorized access. As a temporary workaround, consider restricting access to the Web Interface until the default password is changed.

Related Identifiers

CVE-2024-29844

Affected Products

Evolution Controller