Rating: 5.0
Possible unintended solution1. Only single byte flipped to login as admin with group=root2. Exploiting split() function in auth
I don't remember