Skip to main content

Cleartext Transmission of Sensitive Information


Severity High
Score 8.4/10


ezseed-transmission bellow 0.0.15 is vulnerable to Man-in-the-Middle attacks for downloading and running a script over HTTP connection. An attacker in a privileged network position could intercept the script, replace it with malicious code and completely compromise the system running ezseed-transmission.

  • LOW
  • HIGH
  • NONE
  • NONE
  • HIGH
  • HIGH

CWE-319 - Cleartext Transmission of Sensitive Information

The software transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.

Advisory Timeline

  • Published