Design/Logic Flaw

2018-04-1007:29:00

PRIOn knowledge base

www.prio-n.com

8.4 High

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

72.7%

JSON

The reset-password feature in MetInfo 6.0 allows remote attackers to change arbitrary passwords via vectors involving a Host HTTP header that is modified to specify a web server under the attacker’s control.

CPENameOperatorVersion
metinfoeq6.0.0

CPE	Name	Operator	Version
	metinfo	eq	6.0.0

References

www.cnblogs.com/babers/p/8503116.html

www.cnblogs.com/babers/p/8745739.html