Auth bypass in Cashdro 3 Administration Panel

CVE-2026-8077

Lack of proper authorization implementation in the CashDro 3 web administration panel, version 24.01.00.26. The backend lacks authorization controls, leaving security entirely to the frontend. By modifying the binary string in the ‘Permiss…

Vulnerability class: Broken Access Control

EPSS: 0.000 (10.8th percentile) — read the EPSS interpretation.