CVE-2005-3344
NUCLEIHorde 3.0.4 - Unauthenticated Remote Access via Default Blank Admin Password
Title source: llmExploitation Summary
CVE-2005-3344 has a Nuclei detection template available — see the Nuclei card below for the Shodan/FOFA recon queries.
Description
The default installation of Horde 3.0.4 contains an administrative account with a blank password, which allows remote attackers to gain access.
Nuclei Templates (1)
Horde Groupware Unauthenticated Admin Access
CRITICALby pikpikcu
References (5)
Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/24576
Patch vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/15337/
Various Sources x_refsource_misc
http://www.networkscanning.com/Horde-Default-Admin-Password-Vulnerability-VSS_20171.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/24117
Patch, Vendor Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2005/dsa-884
Scores
EPSS
0.1015
EPSS Percentile
93.3%
Details
Status
published
Products (1)
horde/horde
3.0.4
Published
Nov 16, 2005
Tracked Since
Feb 18, 2026