Back to search
CVE-2012-2999
Published: Oct 4, 2012
Modified: Aug 6, 2024
PUBLISHED
Description
Multiple cross-site request forgery (CSRF) vulnerabilities in the web interface in Cerberus FTP Server before 5.0.5.0 allow remote attackers to hijack the authentication of administrators for requests that (1) add a user account or (2) reconfigure the state of the FTP service, as demonstrated by a request to usermanager/users/modify.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
VU#989684
third-party-advisory
x_refsource_CERT-VN
http://www.cerberusftp.com/products/releasenotes.html
x_refsource_CONFIRM
55788
vdb-entry
x_refsource_BID
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now