The application suffers from improper access control when editing users. A user with read permissions can manipulate users, passwords, and permissions by sending a single HTTP POST request with modified parameters.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Analog_fm_transmitter_exc5000gx_firmware | Sielco | - (including) | - (including) |