CVE-2020-10965: Unauthenticated Admin Password Reset
InfoSec Write-ups - Medium infosecwriteups.com
Hello folks,
A vulnerability was identified in the default admin account’s Login/ResetAdminPassword function, which allows for unauthenticated password resets, possibly allowing an attacker to obtain unauthorised access to the account.
Description:
The vulnerability allows an attacker to modify the password of the default admin account without any authentication. By accessing Login/ResetAdminPassword, an attacker can provide an email address associated with the admin account, and a password reset link will be sent to that …