{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-08T07:23:15.971","vulnerabilities":[{"cve":{"id":"CVE-2024-29844","sourceIdentifier":"430a6cef-dc26-47e3-9fa8-52fb7f19644e","published":"2024-04-15T00:15:14.573","lastModified":"2025-12-10T17:39:49.417","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Default credentials on the Web Interface of Evolution Controller 2.x allows anyone to log in to the server directly to perform administrative functions. Upon installation or upon first login, the application does not ask the user to change the password. There is no warning or prompt to ask the user to change the default password."},{"lang":"es","value":"Las credenciales predeterminadas en la interfaz web de Evolution Controller 2.x (123 y 123) permiten que cualquiera inicie sesión en el servidor directamente para realizar funciones administrativas. Tras la instalación o el primer inicio de sesión, la aplicación no solicita al usuario que cambie la contraseña. No hay ninguna advertencia ni mensaje para pedirle al usuario que cambie la contraseña predeterminada."}],"metrics":{"cvssMetricV31":[{"source":"430a6cef-dc26-47e3-9fa8-52fb7f19644e","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"430a6cef-dc26-47e3-9fa8-52fb7f19644e","type":"Secondary","description":[{"lang":"en","value":"CWE-1392"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cs-technologies:evolution:*:*:*:*:*:*:*:*","versionEndIncluding":"2.04.560","matchCriteriaId":"2087F49B-A37F-4472-A543-B6E6B5EA424E"}]}]}],"references":[{"url":"https://directcyber.com.au/sa/CVE-2024-29836-to-29844-evolution-controller-multiple-vulnerabilities.html","source":"430a6cef-dc26-47e3-9fa8-52fb7f19644e","tags":["Third Party Advisory"]},{"url":"https://directcyber.com.au/sa/CVE-2024-29836-to-29844-evolution-controller-multiple-vulnerabilities.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}