8x8: Access to ██████████████ due to weak credentials

ID H1:692116
Type hackerone
Reporter kingragnar
Modified 2020-01-08T20:37:28


Hi Team

Description: During the analysis, It was found that the █████████████████████ ask's for credentials from the users to access the ██████, But the weak credentials set █████:██████ allows anyone to login.

Steps To Reproduce:

  1. Open █████████████████████████
  2. Enter █████████ ███████ username and password field.
  3. You now have access to the analytical data.




Use strong set of password instead of common████generic ones like ████:██████


An attacker can bypass the authentication check and access the internal analytical data.

PS: apart from the analytical data, I wasn't able to find much.