Plastic scm 10.0.16.5622 webadmin server access Vulnerability / Exploit
/
/
/
Exploits / Vulnerability Discovered : 2021-10-18 |
Type : webapps |
Platform : multiple
This exploit / vulnerability Plastic scm 10.0.16.5622 webadmin server access is for educational purposes only and if it is used you will do on your own risk!
1. Navigate to target.com/account [This holds administrator login console]
2. Change URL to target.com/account/register [Here able to set new password for the adminstrator user]
3. Now after changing password of administrator and login to console and Navigate to target.com/configuration/authentication and set an new password for any of the users
4. Now navigate to target.com/webui/repos and login with the recently changed password for user i.e is in step 3