Privilege Escalation — Unauthenticated access to Admin Portal (CVE-2020–35745)

Introduction

This article is a write up on how I found a Privilege Escalation Vulnerability where an attacker can access complete admin portal without authentication which gave me a new CVE-2020–35745.

What is Privilege Escalation?

Privilege escalation occurs when a user gets access to more resources or functionality than they are normally allowed, and such elevation or changes should have been prevented by the application. This is usually…

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Ashish Dhone

Ashish Dhone

Information Security Analyst at Persistent Systems | Synack Red Team Member | CEH v10 | CEH Master | Bug Bounty Hunter