CVE-2020-36968 | HackTesting

M/Monit 3.7.4 contains an authentication vulnerability that allows authenticated attackers to retrieve user password hashes through an administrative API endpoint. Attackers can send requests to the /api/1/admin/users/list and /api/1/admin/users/get endpoints to extract MD5 password hashes for all users.

Credits

Dolev Farhi

References

https://www.exploit-db.com/exploits/49081

https://mmonit.com/

https://www.vulncheck.com/advisories/mmonit-password-disclosure