Razer: Accessible Druid Monitor console on https://api.pay-staging.razer.com/

ID H1:702784
Type hackerone
Reporter 0xklaue
Modified 2019-12-05T06:24:41


The tester discovered a monitoring application was available on a remotely accessible administrative console in the Razer Pay staging environment, which could have been used to leverage information that could have compromised the server. The Razer Pay team removed this and other similar servers from public access.