Mesalvo Meona Client Launcher
- <= 2025.04 5+323020
A vulnerability exists in the Mesalvo Meona Client Launcher component (through 19.06.2020 15:11:49) and the Meona Server component (through 2025.04 5+323020) that results in cleartext storage of sensitive information, specifically passwords, in memory. The issue was discovered during a red team engagement and could be exploited to gain access to super admin accounts: some passwords were stored in plaintext, while the rest were hashed with the unsalted MD5 algorithm. The plaintext passwords were reused in password spraying attacks, enabling lateral movement within the network.
Exploitation of this vulnerability led to the unauthorized access of user accounts, including super admin accounts, allowing for further exploitation of the application and the network.
The vulnerability can be reproduced by opening the admin panel with the credentials of a normal user, which succeeds because the backend server does not verify the caller's permission level. Once in the admin panel, the user list can be viewed, revealing accounts whose passwords are stored in plaintext. Those passwords can then be reused for lateral movement within the network.
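The advisory names two distinct weaknesses: credential storage that is plaintext or unsalted MD5, and an admin user list that the backend serves without checking the caller's role. The following is an added example written for this page, not code from Mesalvo or the Meona product, showing the two defensive checks a practitioner would want for each: an audit helper that triages an exported credential table (flagging plaintext values and bare 32-hex-character digests, the MD5 pattern the advisory describes) against a salted PBKDF2 record format, and a server-side role check for the admin endpoint that never returns credential material. The record format, the session shape, the role name `super_admin`, and every sample row are constructed assumptions for the example.

```python
"""Defensive checks for the two weaknesses in the advisory above.

Added example, standard library only. The PBKDF2 record format, the
session layout and all sample data are constructed for illustration.
"""
import hashlib
import hmac
import os
import re

# Constructed hardened record format: "pbkdf2_sha256$<iterations>$<salt_hex>$<hash_hex>"
KDF_RE = re.compile(r"^pbkdf2_sha256\$(\d+)\$([0-9a-f]+)\$([0-9a-f]+)$")
# A bare 32-hex-character value is the shape of an unsalted MD5 digest.
MD5_HEX_RE = re.compile(r"^[0-9a-fA-F]{32}$")


def classify_stored_password(value: str) -> str:
    """Triage one stored credential value.

    Returns "kdf" for the salted PBKDF2 format above, "md5" for a bare
    32-hex digest, and "plaintext" for anything else. A 32-hex string is
    only *likely* MD5, so treat "md5" as a triage signal, not proof.
    """
    if KDF_RE.match(value):
        return "kdf"
    if MD5_HEX_RE.match(value):
        return "md5"
    return "plaintext"


def audit_user_export(rows):
    """Count storage categories over (username, stored_value) rows and
    return the accounts that need re-hashing (everything that is not a KDF)."""
    counts = {"plaintext": 0, "md5": 0, "kdf": 0}
    weak_accounts = []
    for username, stored in rows:
        kind = classify_stored_password(stored)
        counts[kind] += 1
        if kind != "kdf":
            weak_accounts.append((username, kind))
    return counts, weak_accounts


def hash_password(password: str, iterations: int = 600_000) -> str:
    """Salted PBKDF2-HMAC-SHA256 record: the replacement for plaintext or MD5."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${digest.hex()}"


def verify_password(password: str, record: str) -> bool:
    """Constant-time verification against a record produced by hash_password."""
    m = KDF_RE.match(record)
    if not m:
        return False
    iterations, salt_hex, hash_hex = int(m.group(1)), m.group(2), m.group(3)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(),
                                 bytes.fromhex(salt_hex), iterations)
    return hmac.compare_digest(digest.hex(), hash_hex)


# --- server-side authorization for the admin user list ---------------------

class Forbidden(Exception):
    """Raised when a session without the required role calls an admin endpoint."""


def can_view_admin_panel(session: dict) -> bool:
    """The role is read from the server-held session, never from the request."""
    return session.get("role") == "super_admin"


def list_users_for_admin(session: dict, user_table: dict) -> list:
    """Admin-panel handler that enforces the role on the backend and never
    returns stored credential material, even to an authorised admin."""
    if not can_view_admin_panel(session):
        raise Forbidden("admin panel requires the super_admin role")
    return [{"user": name, "role": rec["role"]} for name, rec in user_table.items()]


# --- constructed sample data -----------------------------------------------

SAMPLE_MD5 = hashlib.md5(b"constructed-sample").hexdigest()   # unsalted MD5 shape
SAMPLE_EXPORT = [
    ("alice", "Winter2024!"),                      # stored in plaintext
    ("bob", SAMPLE_MD5),                           # unsalted MD5 digest
    ("carol", hash_password("constructed-pass")),  # salted PBKDF2 record
]
SAMPLE_TABLE = {
    "alice": {"role": "user", "stored": "Winter2024!"},
    "root": {"role": "super_admin", "stored": hash_password("constructed-admin")},
}

if __name__ == "__main__":
    counts, weak = audit_user_export(SAMPLE_EXPORT)
    print("storage categories:", counts)
    print("accounts needing re-hash:", weak)
    print("admin listing:", list_users_for_admin({"user": "root", "role": "super_admin"}, SAMPLE_TABLE))
```

Running the audit over a real export gives the count of accounts to force through a password reset or lazy re-hash on next login; the handler shows the shape of the missing check, with the role taken from server-side session state and credential fields stripped from the response regardless of who asks.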