WRITEUP #4162

Broken Access Control on samsung.com subdomain leads to Mass Account Takeover of Samsung employees application accounts

ReconInformation disclosureAccount takeoverBroken authorization

by@naglinagli(Gal Nagli)

Program

Samsung

Published

Dec 18, 2020

Added to HackDex

Sep 15, 2022

Read Full Writeuphttps://web.archive.org/web/20221001135501/https://galnagli.com/Samsung_Exposure/

▸ RELATED WRITEUPS

Built with ❤️ by Shubham Rawat