CVE-2024-51984 – Apache Device Passcode Authentication Service Password Disclosure Vulnerability

June 25, 2025

CVE ID : CVE-2024-51984

Published : June 25, 2025, 8:15 a.m. | 2 hours, 42 minutes ago

Description : An authenticated attacker can reconfigure the target device to use an external service (such as LDAP or FTP) controlled by the attacker. If an existing password is present for an external service, the attacker can force the target device to authenticate to an attacker controlled device using the existing credentials for that external service. In the case of an external LDAP or FTP service, this will disclose the plaintext password for that external service to the attacker.

Severity: 6.8 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-41255 – Cyberduck and Mountain Duck TLS Certificate Pinning Vulnerability

Next Article CVE-2024-51983 – Cisco Web Services Crash DoS

The Power Of The Intl API: A Definitive Guide To Browser-Native Internationalization

This week in AI dev tools: GPT-5, Claude Opus 4.1, and more (August 8, 2025)

Elastic simplifies log analytics for SREs and developers with launch of Log Essentials

OpenAI launches GPT-5

I compared the best headphones from Apple, Sony, Bose, and Sonos: Here’s how the AirPods Max wins

I changed these 6 settings on my iPad to significantly improve its battery life

DistroWatch Weekly, Issue 1134

3 portable power stations I travel everywhere with (and how they differ)

Next.js PWA offline capability with Service Worker, no extra package

Next.js PWA offline capability with Service Worker, no extra package

spatie/laravel-flare

Establishing Consistent Data Foundations with Laravel’s Database Population System

Windows 11 Copilot gets free access to GPT-5 Thinking, reduced rate limits than ChatGPT Free

Windows 11 Copilot gets free access to GPT-5 Thinking, reduced rate limits than ChatGPT Free

Best Architecture AI Rendering Platform: 6 Tools Tested

Microsoft won’t kill off Chromium Edge and PWAs on Windows 10 until October 2028

CVE-2024-51984 – Apache Device Passcode Authentication Service Password Disclosure Vulnerability

Researchers Reveal ReVault Attack Targeting Dell ControlVault3 Firmware in 100+ Laptop Models

Researchers Detail Windows EPM Poisoning Exploit Chain Leading to Domain Privilege Escalation

CVE-2025-40577 – “SCALANCE LPE9403 Profinet Packet Validation Remote Code Execution Denial of Service”

CVE-2025-5690 – PostgreSQL Anonymizer Mask Data Read Bypass

Maximising the impact of our breakthroughs

CVE-2025-47576 – Bringthepixel Bimber Remote File Inclusion Vulnerability

The Ultimate Guide to AI Dev Tools in 2025

Why I recommend this Nikon camera to most beginner photographers – especially at this price

CVE-2025-40574 – “Siemens SCALANCE LPE9403 Privilege Escalation”

How the Trump administration changed AI: A timeline

CVE-2024-51984 – Apache Device Passcode Authentication Service Password Disclosure Vulnerability

Related Posts