Publicly Exposed Debug Interface in Goldshell ASIC Miners v2.2.1 and Below: A Gateway to Passwords and Sensitive Data

Publicly Exposed Debug Interface in Goldshell ASIC Miners v2.2.1 and Below: A Gateway to Passwords and Sensitive Data

CVE-2022-24660 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

The debug interface of Goldshell ASIC Miners v2.2.1 and below was discovered to be exposed publicly on the web interface, allowing attackers to access passwords and other sensitive information in plaintext.

Learn more about our Web App Pen Testing.