Security Flaw in Styra's OPA Exposes NTLM Hashes to Remote Attackers
Briefly

The vulnerability could have allowed an attacker to leak the NTLM credentials of the OPA server's local user account to a remote server, potentially allowing the attacker to relay the authentication or crack the password.
At its core, the issue stems from improper input validation that can lead to unauthorized access by leaking the Net-NTLMv2 hash of the user who is currently logged into the Windows device running the OPA application.
When a user or application attempts to access a remote share on Windows, the attempt forces the local machine to authenticate to the remote server via NTLM. During this process, the NTLM hash of the local user is sent to the remote server.
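One way to validate input against the behaviour described above, as an added example (not code from OPA or Styra): a Go check that rejects path strings naming a remote share before they reach a file open. The function names and the sample paths are assumptions constructed for illustration.

```go
package main

import (
	"fmt"
	"strings"
)

// isRemoteSharePath reports whether p, read as a Windows path, points at a
// network share (UNC) instead of a local file. It uses plain string logic so
// the result does not depend on the platform the check is compiled for.
func isRemoteSharePath(p string) bool {
	// Windows accepts both separators, so normalise before inspecting.
	s := strings.ReplaceAll(strings.TrimSpace(p), "/", `\`)
	if !strings.HasPrefix(s, `\\`) {
		return false // drive-letter, rooted or relative path
	}
	rest := s[2:]
	// \\?\ and \\.\ are device-namespace prefixes; only their UNC form
	// (\\?\UNC\server\share) reaches the network.
	if strings.HasPrefix(rest, `?\`) || strings.HasPrefix(rest, `.\`) {
		return strings.HasPrefix(strings.ToUpper(rest[2:]), `UNC\`)
	}
	// \\server\share: a non-empty server component means a remote host.
	host, _, _ := strings.Cut(rest, `\`)
	return host != ""
}

// checkLocalPath is a hypothetical gate to call before any file open on
// caller-supplied input.
func checkLocalPath(p string) error {
	if isRemoteSharePath(p) {
		return fmt.Errorf("refusing remote share path %q", p)
	}
	return nil
}

func main() {
	// Constructed sample inputs (documentation addresses and names).
	for _, p := range []string{
		`C:\policies\authz.rego`,
		`\\198.51.100.7\share\authz.rego`,
		`//files.example.test/share/authz.rego`,
		`\\?\UNC\files.example.test\share\authz.rego`,
		`\\?\C:\policies\authz.rego`,
	} {
		fmt.Printf("%-48s remote=%v\n", p, isRemoteSharePath(p))
	}
}
```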
Read at The Hacker News