Vulnerabilities > CVE-2018-9934 - Unspecified vulnerability in Metinfo 6.0.0
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE network
metinfo
Summary
The reset-password feature in MetInfo 6.0 allows remote attackers to change arbitrary passwords via vectors involving a Host HTTP header that is modified to specify a web server under the attacker's control.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |