← volver
CVE-2022-2822

Authentication Bypass by Primary Weakness in octoprint/octoprint

CVSS 3.7 LOWEPSS 0.7%CWE-307
An attacker can freely brute force username and password and can takeover any account. An attacker could easily guess user passwords and gain access to user and administrative accounts.
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
Productos afectados
octoprint · octoprint/octoprint

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://github.com/octoprint/octoprint/commit/82c892ba40b3741d1b7711d949e56af64f5bc2dehttps://huntr.dev/bounties/6369f355-e6ef-4469-af75-0f6ff00cde3d