CVE-2020-28872

Name of the Vulnerable Software and Affected Versions: Monitorr version 1.7.6m

Description: An authorization bypass issue in Monitorr/assets/config/ installation/ register.php allows an unauthorized person to create valid credentials.

Recommendations: For Monitorr version 1.7.6m, consider restricting access to the register.php file until a patch is available. As a temporary workaround, disabling the registration functionality in Monitorr/assets/config/ installation/ register.php may help minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.