Privilege Escalation — Unauthenticated access to Admin Portal (CVE-2020–35745)

Introduction

This article is a write up on how I found a Privilege Escalation Vulnerability where an attacker can access complete admin portal without authentication which gave me a new CVE-2020–35745.

What is Privilege Escalation?

Privilege escalation occurs when a user gets access to more resources or functionality than they are normally allowed, and such elevation or changes should have been prevented by the application. This is usually…