Default Installation Vulnerability in Lansweeper 6.0.x through 7.2.x

Default Installation Vulnerability in Lansweeper 6.0.x through 7.2.x

CVE-2020-14011 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Lansweeper 6.0.x through 7.2.x has a default installation in which the admin password is configured for the admin account, unless "Built-in admin" is manually unchecked. This allows command execution via the Add New Package and Scheduled Deployments features.

Learn more about our Web Application Penetration Testing UK.