Plastic SCM - WebAdmin Server Access

ID: 104866
CVE: None
Download vulnerable application: None
# Exploit Title: 
# Shodan Dork: title:"Plastic SCM"
# Date: 18.10.2021
# Exploit Author: Basavaraj Banakar
# Vendor Homepage:
# Software Link:
# Version: Plastic SCM <
# Tested on: Chrome,Firefox,Edge
# CVE : CVE-2021-41382

# Reference:

# Exploit:

1. Navigate to [This holds administrator login console]

2. Change URL to [Here able to set new password for the adminstrator user]

3. Now after changing password of administrator and login to console and Navigate to and set an new password for any of the users

4. Now navigate to and login with the recently changed password for user i.e is in step 3
1-4-2 (www01)