CSRF Vulnerability in Rumpus FTP Server 8.2.9.1's Web File Manager Allows Unauthorized Account Manipulation

CSRF Vulnerability in Rumpus FTP Server 8.2.9.1's Web File Manager Allows Unauthorized Account Manipulation

CVE-2019-19662 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

A CSRF vulnerability exists in the Web File Manager's Create/Delete Accounts functionality of Rumpus FTP Server 8.2.9.1. By exploiting it, an attacker can Create and Delete accounts via RAPR/TriggerServerFunction.html.

Learn more about our Web App Pen Testing.