CVE-2012-5320

EUVD-2012-5243
Cross-site request forgery (CSRF) vulnerability in password.cgi in Sagem F@ST 2604 253180972B allows remote attackers to hijack the authentication of administrators for requests that change the administrator password via the sysPassword parameter.
CSRF
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 53%
Affected Products (NVD)
VendorProductVersion
sagemf\@st_2604
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://secunia.com/advisories/48088
http://www.exploit-db.com/exploits/18504
http://www.osvdb.org/79649
https://exchange.xforce.ibmcloud.com/vulnerabilities/73380
http://secunia.com/advisories/48088
http://www.exploit-db.com/exploits/18504
http://www.osvdb.org/79649
https://exchange.xforce.ibmcloud.com/vulnerabilities/73380