Vulnerable to an authentication bypass bug which allows unprivileged users to modify root pass
great job !