CVE

CVE-2020-8657

admin

CVE-2020-8657

An issue was discovered in EyesOfNetwork 5.3. The installation uses the same API key (hardcoded as EONAPI_KEY in include/api_functions.php for API version 2.4.2) by default for all installations, hence allowing an attacker to calculate/guess the admin access token.

Source: CVE-2020-8657

Exit mobile version