CVE-2022-36604 Information

Description

An access control issue in Canaan Avalon ASIC Miner 2020.3.30 and below allows unauthenticated attackers to arbitrarily change user passwords via a crafted POST request.

Reference

https://jamesachambers.com/cryptocurrency-asic-miners-security-and-hacking-audit/