CVE-2020-37118 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

P5 FNIP-8x16A FNIP-4xSH 1.0.20 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without user interact…
Medium CVSS: 5.1

CVE-2020-37118

P5 FNIP-8x16A FNIP-4xSH 1.0.20 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without user interaction. Attackers can craft malicious web pages to add new admin users, change passwords, and modify system configurations by tricking authenticated users into loading a specially crafted page.
Vendor
-
Product
-
CWE
CWE-352
Yayın Tarihi
2026-02-05 17:16:06
Güncelleme
2026-02-05 20:47:37
Source Identifier
disclosure@vulncheck.com
KEV Date Added
-

Kategoriler

CWE-352 MEDIUM 2026

Referanslar

https://exchange.xforce.ibmcloud.com/vulnerabilities/180253 https://packetstorm.news/files/id/157318 https://www.exploit-db.com/exploits/48362 https://www.p5.hu/ https://www.vulncheck.com/advisories/p-fnip-xa-fnip-xsh-cross-site-request-forgery-add-admin https://www.zeroscience.mk/en/vulnerabilities/ZSL-2020-5564.php