CVE-2023-33524

Advent/SSC Inc. Tamale RMS < 23.1 is vulnerable to Directory Traversal. The configuration backup file, which contains username hashes, cleartext passwords, and API keys, can be downloaded. This could allow a malicious actor to crack the passwords offline and/or utilize the API keys to control the remote application.

Source: CVE-2023-33524