exploitDog

CVE-2020-36908

Опубликовано: 06 янв. 2026

Источник: nvd

CVSS3: 5.3

EPSS Низкий

Описание

SnapGear Management Console SG560 version 3.1.5 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without user consent. Attackers can craft a malicious web page that automatically submits a form to create a new super user account with full administrative privileges when a logged-in user visits the page.

Ссылки

EPSS

Процентиль: 5%

0.0002

Низкий

5.3 Medium

CVSS3

Дефекты

CWE-352

Связанные уязвимости

GHSA-xqxv-cgxh-vc8w

CVSS3: 5.3

github

около 1 месяца назад

SnapGear Management Console SG560 version 3.1.5 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without user consent. Attackers can craft a malicious web page that automatically submits a form to create a new super user account with full administrative privileges when a logged-in user visits the page.

EPSS

Процентиль: 5%

0.0002

Низкий

5.3 Medium

CVSS3

Дефекты

CWE-352