Details
-
Bug
-
Resolution: Fixed
-
Major
-
4.0.0
-
Security Level: Public
-
None
-
Any OS
-
Untriaged
-
Unknown
Description
currently, to writing settings for debugging, read settings into a file, modify and
curl localhost:9102/settings -d @settings:json
This does not require any authorization. Which makes it vulnerable.