I don’t know the best way to raise this to the FutureBit team, but that’s one brand that comes to mind as being one to ensure they also aren’t susceptible.
I don't think they have this kind of issue. From the pictures I saw, the front end is using a framework for sure, and any common one has these issues solved, at least the easy ones.
In the case of Bitaxe, I think that some common defensive behaviors are skipped to prioritize resource optimization; most Bitaxes don't have to be publicly exposed.
CSRF vulnerabilities can be quite fun. A few years ago, I found one on the website of the company I was working for. If you clicked on the URL I sent, you’d end up posting on the website without even realizing it! 🤣
I feel like this is very plausible to exist on other miner software that expects to be accessible only on LAN.
Indeed.
deleted by author
Thanks... I was talking about the FutureBit case.
deleted by author
https://xcancel.com/skot9000/status/1879619581884481829
deleted by author