CVE-2022-43326

Privilege Escalation - IDOR - | Telos Alliance Omnia MPX Node

CVE ID: CVE-2022-43326
CVE Author: Momen Eldawakhly (Cyber Guy) & Ahmed Alroky (Bad Bot)
Vendor: Telos Alliance
Product: Omnia MPX Node
Affected Versions: 1.0.0-1.4.*
Description:
An Insecure Direct Object Reference (IDOR) vulnerability in the password reset function of Telos Alliance Omnia MPX Node 1.0.0-1.4.* allows attackers to arbitrarily change user and Administrator account passwords.
PoC Image:
Before
After

CVE-2022-44038

CVE-2022-43325

Last modified 3mo ago