In Airsonic 10.2.1, RecoverController.java generates passwords via org.apache.commons.lang.RandomStringUtils, which uses java.util.Random internally. This PRNG has a 48-bit seed that can easily be bruteforced, leading to trivial privilege escalation attacks.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
airsonic project airsonic 10.2.1 |