exploitDog

GHSA-jw3g-mpq9-r6jr

Опубликовано: 02 сент. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 7.5

Описание

An access control issue in Canaan Avalon ASIC Miner 2020.3.30 and below allows unauthenticated attackers to arbitrarily change user passwords via a crafted POST request.

An access control issue in Canaan Avalon ASIC Miner 2020.3.30 and below allows unauthenticated attackers to arbitrarily change user passwords via a crafted POST request.

Ссылки

EPSS

Процентиль: 61%

0.00415

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-306

Связанные уязвимости

CVE-2022-36604

CVSS3: 7.5

nvd

больше 3 лет назад

An access control issue in Canaan Avalon ASIC Miner 2020.3.30 and below allows unauthenticated attackers to arbitrarily change user passwords via a crafted POST request.

EPSS

Процентиль: 61%

0.00415

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-306