CVE-2022-35513 | blink1-pass-decrypt
blink1-pass-decrypt ⭐
poc and simple script designed for reversing the ciphertext found at /blink/input
of the api server in blink1control2 installations (versions <=227)
the exploit - CVE-2022-35513 ❗
the blink1control2 app utilises weak password encryption and an insecure method of storage which can be found by accessing the /blink1/input url
of the api server