vendor:
Razor
by:
ppb
7.5
CVSS
HIGH
Authentication Bypass
287
CWE
Product Name: Razor
Affected Version From: 0.7.2
Affected Version To: 0.7.2
Patch Exists: YES
Related CWE: CVE-2018-7745
CPE: a:cobub:razor:0.7.2
Metasploit:
N/A
Other Scripts:
N/A
Platforms Tested: None
2018
Cobub Razor 0.7.2 Add New Superuser User
There is a vulnerability in Cobub Razor 0.7.2 that allows an attacker to add an administrator user without authentication. An attacker can update the URL and save it to an HTML file, then open it to exploit the vulnerability.
Mitigation:
Upgrade to the latest version of Cobub Razor to mitigate this vulnerability.
