5 matches found
CVE-2020-7378
CRIXP OpenCRX version 4.30 and 5.0-20200717 and prior suffers from an unverified password change vulnerability. An attacker who is able to connect to the affected OpenCRX instance can change the password of any user, including admin-Standard, to any chosen value. This issue was resolved in versio...
CVE-2020-7378
CRIXP OpenCRX version 4.30 and 5.0-20200717 and prior suffers from an unverified password change vulnerability. An attacker who is able to connect to the affected OpenCRX instance can change the password of any user, including admin-Standard, to any chosen value. This issue was resolved in versio...
Design/Logic Flaw
CRIXP OpenCRX version 4.30 and 5.0-20200717 and prior suffers from an unverified password change vulnerability. An attacker who is able to connect to the affected OpenCRX instance can change the password of any user, including admin-Standard, to any chosen value. This issue was resolved in versio...
CVE-2020-7378 CRIXP OpenCRX Unverified Password Change
CRIXP OpenCRX version 4.30 and 5.0-20200717 and prior suffers from an unverified password change vulnerability. An attacker who is able to connect to the affected OpenCRX instance can change the password of any user, including admin-Standard, to any chosen value. This issue was resolved in versio...
CVE-2020-7378
CVE-2020-7378 affects CRIXP OpenCRX versions 4.30 and 5.0-20200717 (and prior). The vulnerability is an unverified password change flaw that lets an attacker who can reach the OpenCRX instance change any user’s password (including admin-Standard) to an attacker-chosen value. Rapid7 and NVD descri...