I discovered a CSRF vulnerability in AxeOS the Web Application used by the BitAxe Bitcoin Miners - https://snotra.uk/axeos-csrf-vulnerability.html

Simply clicking a link onnyiur home network can change your Stratum username and therefore your payout address. POC - http://poc.snotra.cloud:8888/bitaxe.html #bitcoin #hacking #pentesting #bitaxe #mining