EUVD-2022-39308

Malicious code in bioql PyPI...

CVE-2022-36604

An access control issue in Canaan Avalon ASIC Miner 2020.3.30 and below allows unauthenticated attackers to arbitrarily change user passwords via a crafted POST request...

CVE-2022-36604

An access control issue in Canaan Avalon ASIC Miner 2020.3.30 and below allows unauthenticated attackers to arbitrarily change user passwords via a crafted POST request...

CVE-2022-36604

An access control issue in Canaan Avalon ASIC Miner 2020.3.30 and below allows unauthenticated attackers to arbitrarily change user passwords via a crafted POST request...

Cross site request forgery (csrf)

An access control issue in Canaan Avalon ASIC Miner 2020.3.30 and below allows unauthenticated attackers to arbitrarily change user passwords via a crafted POST request...

CVE-2022-36604

An access control issue in Canaan Avalon ASIC Miner 2020.3.30 and below allows unauthenticated attackers to arbitrarily change user passwords via a crafted POST request...

CVE-2022-36604

The CVE-2022-36604 issue affects Canaan Avalon ASIC Miner firmware versions 2020.3.30 and earlier, due to an improper access-control vulnerability. An unauthenticated attacker can ACHIEVE arbitrary password changes by sending a crafted POST request, exposing a risk of account takeovers and potent...

PT-2022-23500 · Canaan · Canaan Avalon Asic Miner

Name of the Vulnerable Software and Affected Versions: Canaan Avalon ASIC Miner versions 2020.3.30 and below Description: The issue is related to an access control problem, allowing unauthenticated attackers to change user passwords using a crafted POST request. Recommendations: For Canaan Avalon...