PT-2025-22354 · Itech · Ilabclient
Published
2025-05-21
·
Updated
2025-12-27
·
CVE-2024-56429
CVSS v3.1
7.7
High
| Vector | AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
itech iLabClient version 3.7.1
Description
The issue concerns the use of a hard-coded key
YngAYdgAE/kKZYu2F2wm6w== found in iLabClient.jar that allows local users to read or write to the database. This key is used by itech iLabClient for database access.Recommendations
For itech iLabClient version 3.7.1, consider restricting access to the database or removing the hard-coded key
YngAYdgAE/kKZYu2F2wm6w== from iLabClient.jar to prevent unauthorized access until a patch is available.Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ilabclient