CVE-2024-33867
📋 TL;DR
Linqi versions before 1.4.0.1 on Windows use a hardcoded (fixed) password salt. Because every account is salted with the same constant, identical passwords produce identical hashes, and an attacker who knows the constant can precompute a single lookup table and reuse it against every stored hash. This affects all Windows installations of Linqi below 1.4.0.1. The weakness does not expose hashes by itself; it makes hashes obtained through some other route (database dump, backup, file-system access) much cheaper to crack.
💻 Affected Systems
- Linqi
📦 What is this software?
Linqi by Linqi
⚠️ Risk & Real-World Impact
Worst Case
Attackers who obtain a hash dump could crack user passwords with a rainbow table or wordlist precomputed once for the known salt, and could spot accounts sharing a password simply by comparing hash values. Recovered credentials lead to account compromise and, if reused elsewhere, lateral movement.
Likely Case
If password hashes are exposed through another vulnerability, attackers could more efficiently crack passwords using the predictable salt, compromising individual user accounts.
If Mitigated
With strong password policies and proper access controls limiting hash exposure, the impact is reduced to theoretical risk with minimal practical exploitation.
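The following added example is not Linqi code and does not use the real constant (which this page does not publish); it uses a constructed salt to show why a fixed salt is dangerous. It places the vulnerable pattern beside a hardened one: with the fixed salt, two users sharing a password get the same hash and a single precomputed table cracks both, whereas with a per-user random salt and PBKDF2 the same password yields different hashes and the table is useless. Function names, the wordlist and the demo users are all assumptions for the illustration.

```python
import hashlib
import hmac
import os

# Constructed placeholder; NOT the salt used by Linqi. The real value is not on this page.
HARDCODED_SALT = b"demo-fixed-salt"
PBKDF2_ITERATIONS = 600_000


def weak_hash(password: str, salt: bytes = HARDCODED_SALT) -> str:
    """Vulnerable pattern: one constant salt shared by every account."""
    return hashlib.sha256(salt + password.encode("utf-8")).hexdigest()


def build_table(wordlist: list[str], salt: bytes = HARDCODED_SALT) -> dict[str, str]:
    """Attacker side: precompute hash -> password once for the known salt.

    Because the salt never changes, this table works against every user in every
    dump taken from the vulnerable version."""
    return {weak_hash(word, salt): word for word in wordlist}


def crack_dump(hashes: dict[str, str], table: dict[str, str]) -> dict[str, str]:
    """Look every stolen hash up in the precomputed table; O(1) per user."""
    return {user: table[h] for user, h in hashes.items() if h in table}


def strong_hash(password: str, iterations: int = PBKDF2_ITERATIONS) -> tuple[bytes, bytes]:
    """Hardened pattern: fresh random salt per user plus a slow KDF.

    Returns (salt, digest); both are stored, the salt does not need to be secret."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return salt, digest


def verify_strong(password: str, salt: bytes, digest: bytes,
                  iterations: int = PBKDF2_ITERATIONS) -> bool:
    """Constant-time comparison against the stored digest."""
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return hmac.compare_digest(candidate, digest)


def demo() -> dict[str, str]:
    """Constructed scenario: two users share a weak password, one does not."""
    users = {"alice": "Winter2024!", "bob": "Winter2024!", "carol": "correct horse battery staple"}
    # What an attacker would see in a dump from the vulnerable version.
    stolen = {user: weak_hash(pw) for user, pw in users.items()}
    # Shared password is visible without cracking anything.
    assert stolen["alice"] == stolen["bob"]
    table = build_table(["password", "Winter2024!", "letmein"])
    return crack_dump(stolen, table)


if __name__ == "__main__":
    print("cracked:", demo())
    salt_a, digest_a = strong_hash("Winter2024!")
    salt_b, digest_b = strong_hash("Winter2024!")
    print("per-user salts differ:", salt_a != salt_b, "digests differ:", digest_a != digest_b)
    print("verify ok:", verify_strong("Winter2024!", salt_a, digest_a))
```

The hardened version is only one acceptable shape (a dedicated password hash such as Argon2id or bcrypt is equally fine); the property that matters for this CVE is the per-user random salt, which is what removes the precomputation advantage.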
🎯 Exploit Status
Exploitation requires the attacker to already hold password hashes, obtained through another vulnerability, a stolen backup, or direct system or database access; the fixed salt cannot be exploited on its own. No public exploit is referenced on this page.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 1.4.0.1
Vendor Advisory: https://linqi.help/Updates/en#/SecurityUpdates
Restart Required: Yes
Instructions:
1. Download Linqi version 1.4.0.1 or later from official sources.
2. Run the installer to upgrade.
3. Restart the Linqi service or the system.
4. Verify that the installed version is 1.4.0.1 or higher.
🔧 Temporary Workarounds
Enforce password rotation
Require all users to change their passwords after patching so that stored hashes are regenerated with proper per-user salts; upgrading alone leaves existing hashes computed with the old fixed salt until each user sets a new password.
Restrict access to password storage
Implement strict access controls (file-system permissions, database privileges, backup encryption) so that password hashes cannot be read by unauthorized users or services.
🧯 If You Can't Patch
- Only the Windows build is listed as affected; if a Linux or macOS build of Linqi is available for your deployment, migrating to it removes the vulnerable component.
- Implement network segmentation to isolate vulnerable systems, and monitor them for unauthorized access attempts, particularly reads of the password store and its backups.
🔍 How to Verify
Check if Vulnerable:
Check Linqi version in application settings or via 'linqi --version' command; if version is below 1.4.0.1 on Windows, it is vulnerable.
Check Version:
linqi --version
Verify Fix Applied:
Confirm the version is 1.4.0.1 or higher, then confirm that newly set passwords hash with unique salts (two accounts given the same password should no longer produce identical hashes; confirming this may require code review or vendor confirmation). Remember that hashes created before the upgrade keep the old salt until the password is changed.
📡 Detection & Monitoring
Log Indicators:
- Unusual access patterns to password databases or authentication logs
- Failed login attempts followed by successful logins from unexpected locations
Network Indicators:
- Suspicious outbound connections from Linqi servers to unknown IPs
- Unusual authentication traffic patterns
SIEM Query (Splunk-style; adjust the source and field names to your log schema):
source="linqi_logs" AND (event_type="authentication" OR event_type="password_change") | stats count by user, src_ip
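As an added example, not part of the original page, the check below implements the "failed logins followed by a successful login from an unexpected location" indicator over constructed log lines. The log format, field names and the baseline of known source IPs are assumptions; a real deployment would map them onto Linqi's actual authentication log schema.

```python
import re
from collections import defaultdict

# Assumed key=value line format; constructed for this example, not Linqi's real log schema.
LINE_RE = re.compile(
    r"^(?P<ts>\S+) event_type=(?P<event>\w+) user=(?P<user>\S+) "
    r"src_ip=(?P<ip>\S+) result=(?P<result>\w+)$"
)

# Constructed sample log: alice is brute-forced then logs in from a new IP,
# bob fails once and succeeds from his usual IP, carol fails several times
# but succeeds from a known IP.
SAMPLE_LOG = """\
2024-05-01T10:00:01Z event_type=authentication user=alice src_ip=203.0.113.7 result=failure
2024-05-01T10:00:02Z event_type=authentication user=alice src_ip=203.0.113.7 result=failure
2024-05-01T10:00:03Z event_type=authentication user=bob src_ip=10.0.0.5 result=failure
2024-05-01T10:00:04Z event_type=authentication user=alice src_ip=203.0.113.7 result=failure
2024-05-01T10:00:05Z event_type=authentication user=bob src_ip=10.0.0.5 result=success
2024-05-01T10:00:06Z event_type=authentication user=carol src_ip=10.0.0.9 result=failure
2024-05-01T10:00:07Z event_type=authentication user=carol src_ip=10.0.0.9 result=failure
2024-05-01T10:00:08Z event_type=authentication user=carol src_ip=10.0.0.9 result=failure
2024-05-01T10:00:09Z event_type=authentication user=alice src_ip=203.0.113.7 result=success
2024-05-01T10:00:10Z event_type=authentication user=carol src_ip=10.0.0.9 result=success
2024-05-01T10:00:11Z event_type=password_change user=alice src_ip=203.0.113.7 result=success
"""

# Assumed baseline: IPs each user has successfully authenticated from before.
KNOWN_IPS = {"alice": {"10.0.0.4"}, "bob": {"10.0.0.5"}, "carol": {"10.0.0.9"}}


def parse(log_text: str) -> list[dict[str, str]]:
    """Parse matching lines into dicts; silently skip lines in another format."""
    events = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            events.append(m.groupdict())
    return events


def find_suspicious_logins(log_text: str, known_ips: dict[str, set[str]],
                           min_failures: int = 3) -> list[tuple[str, str, int]]:
    """Alert when a user has >= min_failures consecutive failures and then
    succeeds from an IP not in that user's baseline.

    Returns (user, src_ip, preceding_failure_count) per alert."""
    alerts = []
    failures: dict[str, int] = defaultdict(int)
    # ISO-8601 UTC timestamps sort correctly as strings.
    for ev in sorted(parse(log_text), key=lambda e: e["ts"]):
        if ev["event"] != "authentication":
            continue
        user = ev["user"]
        if ev["result"] == "failure":
            failures[user] += 1
        elif ev["result"] == "success":
            if failures[user] >= min_failures and ev["ip"] not in known_ips.get(user, set()):
                alerts.append((user, ev["ip"], failures[user]))
            failures[user] = 0  # a success ends the failure run either way
    return alerts


if __name__ == "__main__":
    for user, ip, n in find_suspicious_logins(SAMPLE_LOG, KNOWN_IPS):
        print(f"ALERT: {user} succeeded from {ip} after {n} failures")
```

Tune `min_failures` to your environment; a cracked password obtained offline may produce zero failures before the first success, so this rule should complement, not replace, the new-location check on every success.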