vendor:
Bitcoin,Dogecoin Mining
by:
Ihsan Sencan
6,4
CVSS
MEDIUM
Authentication Bypass
287
CWE
Product Name: Bitcoin,Dogecoin Mining
Affected Version From: 1.0
Affected Version To: 1.0
Patch Exists: NO
Related CWE: N/A
CPE: a:bousague:bitcoin,dogecoin_mining:1.0
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: WiN7_x64/KaLiLinuX_x64
2017
Bitcoin,Dogecoin Mining 1.0 – Authentication Bypass
The vulnerability allows an attacker to access the user panel and administration panel by using a crafted username and password. The crafted username is 'anything' and the password is 'or 1=1 or ''='.
Mitigation:
Enforce strong authentication policies and use two-factor authentication.
