Cross-Site Request Forgery (CSRF) Vulnerability in AdRem NetCrunch 10.6.0.4587 Web Client Allows Account Takeover

Cross-Site Request Forgery (CSRF) Vulnerability in AdRem NetCrunch 10.6.0.4587 Web Client Allows Account Takeover

CVE-2019-14481 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

AdRem NetCrunch 10.6.0.4587 has a Cross-Site Request Forgery (CSRF) vulnerability in the NetCrunch web client. Successful exploitation requires a logged-in user to open a malicious page and leads to account takeover.

Learn more about our Web App Pen Testing.