10 matches found
EUVD-2022-39308
Malicious code in bioql PyPI...
CVE-2022-36604
An access control issue in Canaan Avalon ASIC Miner 2020.3.30 and below allows unauthenticated attackers to arbitrarily change user passwords via a crafted POST request...
CVE-2022-36604
An access control issue in Canaan Avalon ASIC Miner 2020.3.30 and below allows unauthenticated attackers to arbitrarily change user passwords via a crafted POST request...
CVE-2022-36604
An access control issue in Canaan Avalon ASIC Miner 2020.3.30 and below allows unauthenticated attackers to arbitrarily change user passwords via a crafted POST request...
CVE-2022-36604
An access control issue in Canaan Avalon ASIC Miner 2020.3.30 and below allows unauthenticated attackers to arbitrarily change user passwords via a crafted POST request...
Cross site request forgery (csrf)
An access control issue in Canaan Avalon ASIC Miner 2020.3.30 and below allows unauthenticated attackers to arbitrarily change user passwords via a crafted POST request...
CVE-2022-36604
The CVE-2022-36604 issue affects Canaan Avalon ASIC Miner firmware versions 2020.3.30 and earlier, due to an improper access-control vulnerability. An unauthenticated attacker can ACHIEVE arbitrary password changes by sending a crafted POST request, exposing a risk of account takeovers and potent...
CVE-2022-36604
An access control issue in Canaan Avalon ASIC Miner 2020.3.30 and below allows unauthenticated attackers to arbitrarily change user passwords via a crafted POST request...
PT-2022-23500 · Canaan · Canaan Avalon Asic Miner
Name of the Vulnerable Software and Affected Versions: Canaan Avalon ASIC Miner versions 2020.3.30 and below Description: The issue is related to an access control problem, allowing unauthenticated attackers to change user passwords using a crafted POST request. Recommendations: For Canaan Avalon...
Canaan Avalon ASIC Miner 访问控制错误漏洞
Canaan Avalon ASIC Miner is a bitcoin mining machine from Canaan, a Chinese company. A security vulnerability exists in Canaan Avalon ASIC Miner version 2020.3.30 and prior versions, which stems from improper access control. An attacker could use this vulnerability to arbitrarily change a user's...