by vicarius
log in join community
by @khurram.arif
30 Oct 2022
#cve_analysis

Write a blog analysis for a CVE

publish

Bypassing Account lockout on elabFTW - & Brute-force login - CVE 2022-31007

by @khurram.arif
by @khurram.arif
30 Oct 2022
#cve_analysis

Write a blog analysis for a CVE

publish

Bypassing Account lockout on elabFTW - & Brute-force login - CVE 2022-31007

CVEs

CVE-2022-31007
7.2 High Severity

Apps

E
ElabftwElabftw
0.9.4.2.*
0.9.1.2.*
0.12.6.*
3.4.17.*
0.9.1.1.*
4.3.10.*
0.7.3.1.*
3.4.13.*
3.3.11.*
3.6.7.*

Screenshots from the blog posts

blog-posts/images/cl9vblsnn0k9c0kpl6a753924.jpgblog-posts/images/cl9vblsnn0k9c0kpl6a753924.jpg

Summary

Bypass brute-force Protection or Account lockout on elabFTW prior to version 4.1.0

Description

Tags

#CVE-2022-31007#vicarius_blog#burp_suite#account_bypass#elabFTW
users/photos/cl9u4ikuuft0d0llg3b78egln.png

@khurram.arif

11 posts

Total vcoins

11.3K

Comments (0)