Headline
CVE-2023-38356: Public CVEs
MiniTool Power Data Recovery 11.6 contains an insecure installation process that allows attackers to achieve remote code execution through a man in the middle attack.
CVE
Type
Software
Description
CVE-2023-38351
Missing SSL Certificate Validation
MiniTool Partition Wizard 12.8
MiniTool Partition Wizard 12.8 contains an insecure installation mechanism that allows attackers to achieve remote code execution through a man in the middle attack.
CVE-2023-38352
Missing SSL Certificate Validation
MiniTool Partition Wizard 12.8
MiniTool Partition Wizard 12.8 contains an insecure update mechanism that allows attackers to achieve remote code execution through a man in the middle attack.
CVE-2023-38353
Missing SSL Certificate Validation
MiniTool Power Data Recovery 11.6
MiniTool Power Data Recovery 11.6 contains an insecure in-app payment system that allows attackers to steal highly sensitive information through a man in the middle attack.
CVE-2023-38354
Missing SSL Certificate Validation
MiniTool Shadow Maker 4.1
MiniTool Shadow Maker 4.1 contains an insecure installation process that allows attackers to achieve remote code execution through a man in the middle attack.
CVE-2023-38355
Missing SSL Certificate Validation
MiniTool Movie Maker 7.0
MiniTool Movie Maker 7.0 contains an insecure installation process that allows attackers to achieve remote code execution through a man in the middle attack.
CVE-2023-38356
Missing SSL Certificate Validation
MiniTool Power Data Recovery 11.6
MiniTool Power Data Recovery 11.6 contains an insecure installation process that allows attackers to achieve remote code execution through a man in the middle attack.