Vulnerability Details CVE-2022-36604
An access control issue in Canaan Avalon ASIC Miner 2020.3.30 and below allows unauthenticated attackers to arbitrarily change user passwords via a crafted POST request.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 40.4%
CVSS Severity
CVSS v3 Score 7.5
References
Products affected by CVE-2022-36604
-
cpe:2.3:h:canaan:avalon_asic_miner:-
-
cpe:2.3:o:canaan:avalon_asic_miner_firmware:-
-
cpe:2.3:o:canaan:avalon_asic_miner_firmware:2020.3.30