CVE-2001-1546

HIGH

Pathways Homecare 6.5 - Info Disclosure

Title source: llm

Description

Pathways Homecare 6.5 uses weak encryption for user names and passwords, which allows local users to gain privileges by recovering the passwords from the pwhc.ini file.

Exploits (1)

exploitdb WORKING POC VERIFIED

by shoeboy · perllocalwindows

https://www.exploit-db.com/exploits/21173

View Code ZIP pw:eip

References (3)

[Broken Link] http://www.iss.net/security_center/static/7682.php

[Broken Link, Exploit, Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/3653

[Broken Link, Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/244367

Scores

CVSS v3 7.8

EPSS 0.0011

EPSS Percentile 28.3%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-326

Status published

Products (1)

mckesson/pathways_homecare 6.5

Published Dec 31, 2001

Tracked Since Feb 18, 2026