CVE-2008-1106

CVE-2008-1106 · HIGH Severity

AV:N/AC:M/AU:N/C:N/I:C/A:N

The management interface in Akamai Client (formerly Red Swoosh) 3322 and earlier allows remote attackers to bypass authentication via an HTTP request that contains (1) no Referer header, or (2) a spoofed Referer header that matches an approved domain, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks and force the client to download and execute arbitrary files.

Learn more about our Web Application Penetration Testing UK.