CVE-2021-27187

HIGH

Sovremennye Delovye Tekhnologii FX Aggregator Terminal Client 1 - Cleartext Password Storage

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2021-27187. PoCs published by jet-pentest.

AI-analyzed exploit summary This repository contains a writeup for CVE-2021-27187, which describes an information disclosure vulnerability in the FX Aggregator terminal client by Sovremennye Delovye Tekhnologii. The vulnerability involves storing authentication credentials in cleartext in the 'login.sav' file when the 'Save Password' option is enabled.

Description

The Sovremennye Delovye Tekhnologii FX Aggregator terminal client 1 stores authentication credentials in cleartext in login.sav when the Save Password box is checked.

Exploits (1)

nomisec WRITEUP 1 stars
by jet-pentest · poc
https://github.com/jet-pentest/CVE-2021-27187

This repository contains a writeup for CVE-2021-27187, which describes an information disclosure vulnerability in the FX Aggregator terminal client by Sovremennye Delovye Tekhnologii. The vulnerability involves storing authentication credentials in cleartext in the 'login.sav' file when the 'Save Password' option is enabled.

Classification
Writeup 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: FX Aggregator terminal client version 1
No auth needed
Prerequisites: Access to the 'login.sav' file on the affected system
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Scores

CVSS v3 7.5
EPSS 0.0203
EPSS Percentile 78.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-522
Status published
Products (1)
xn--b1agzlht/fx_aggregator_terminal_client 1.0
Published Feb 12, 2021
Tracked Since Feb 18, 2026