CNNVD-202509-3096 Information
CNNVD ID
CNNVD-202509-3096
Related CVE
- CNNVD Published: 2025-09-19
Description (Chinese)
General Bytes Crypto Application Server是General Bytes公司的提供基于浏览器的强大而简单的管理。 General Bytes Crypto Application Server 20201208版本至20220531.38之前版本和20220725.22之前版本存在安全漏洞,该漏洞源于管理界面存在身份验证绕过,可能导致远程创建管理员账户和资金重定向。
Description (English)
General Bytes Crypto Application Server is the powerful and simple management of General Bytes’s provision of browser-based services. There is a security gap between the General Bytes Crypto Applications 201208 and the pre-20220531.38 and pre-20227225.22 versions, which stems from the fact that the management interface has been bypassed by identification, which could lead to the remote creation of administrator accounts and re-direction of funds.
Hazard Level
Low
Vulnerability Type
其他
Affected Vendor
Generic Syntax Highlighter
Published
2025-09-19
Last Modified
2026-02-24
References
https://generalbytes.atlassian.net/wiki/spaces/ESD/pages/2785509377/Security%2BIncident%2B https://news.sophos.com/en-us/2022/08/23/bitcoin-atms-leeched-by-attackers-who-created-fake-admin-accounts/ https://thehackernews.com/2022/08/hackers-stole-crypto-from-bitcoin-atms.html https://www.halborn.com/blog/post/explained-the-general-bytes-bitcoin-atm-hack-august-2022 https://www.incibe.es/en/incibe-cert/publications/cybersecurity-highlights/0day-vulnerability-exploited-general-bytes https://www.vulncheck.com/advisories/general-bytes-cas-unauth-creation-of-admin-account-via-default-installation-first-admin-page https://access.redhat.com/security/cve/cve-2022-4980
Patch
https://www.generalbytes.com/en/
Share on: