CSRF Vulnerability in Sagem F@ST 2604 Allows Remote Password Hijacking

CSRF Vulnerability in Sagem F@ST 2604 Allows Remote Password Hijacking

CVE-2012-5320 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

Cross-site request forgery (CSRF) vulnerability in password.cgi in Sagem F@ST 2604 253180972B allows remote attackers to hijack the authentication of administrators for requests that change the administrator password via the sysPassword parameter.

Learn more about our Web Application Penetration Testing UK.