Vulnerability CVE-2024-3777
Published: 2024-04-15

Description:

The password reset feature of Ai3 QbiBot lacks proper access control, allowing unauthenticated remote attackers to reset any user's password.

Type:

CWE-284

 (Improper Access Control)

 References:
https://www.twcert.org.tw/tw/cp-132-7732-9a54e-1.html
Copyright 2024, cxsecurity.com

 

Back to Top