CVE-2020-36968 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

M/Monit 3.7.4 contains an authentication vulnerability that allows authenticated attackers to retrieve user password hashes through an administrative API endpoi…
High CVSS: 7.1

CVE-2020-36968

M/Monit 3.7.4 contains an authentication vulnerability that allows authenticated attackers to retrieve user password hashes through an administrative API endpoint. Attackers can send requests to the /api/1/admin/users/list and /api/1/admin/users/get endpoints to extract MD5 password hashes for all users.
Vendor
Tildeslash
Product
M\/monit
CWE
CWE-522
Yayın Tarihi
2026-01-28 18:16:47
Güncelleme
2026-02-03 15:42:57
Source Identifier
disclosure@vulncheck.com
KEV Date Added
-

Kategoriler

CWE-522 M\/monit HIGH Tildeslash 2026

Referanslar

https://mmonit.com/ https://www.exploit-db.com/exploits/49081 https://www.vulncheck.com/advisories/mmonit-password-disclosure