cve/2019/CVE-2019-16071.md

CVE-2019-16071

Description

Enigma NMS 65.0.0 and prior allows administrative users to create low-privileged accounts that do not have the ability to modify any settings in the system, only view the components. However, it is possible for a low-privileged user to perform all actions as an administrator by bypassing authorization controls and sending requests to the server in the context of an administrator.

POC

Reference

• https://www.mogozobo.com/?p=3647

Github

No PoCs found on GitHub currently.