1 results (0.005 seconds)

CVSS: 8.0EPSS: 0%CPEs: 1EXPL: 1

In Lansweeper 8.0.130.17, the web console is vulnerable to a CSRF attack that would allow a low-level Lansweeper user to elevate their privileges within the application. En Lansweeper versión 8.0.130.17, la consola web es vulnerable a un ataque de tipo CSRF que permitiría a un usuario de Lansweeper de bajo nivel escalar sus privilegios dentro de la aplicación • https://research.nccgroup.com/2020/09/25/technical-advisory-lansweeper-privilege-escalation-via-csrf-using-http-method-interchange https://www.nccgroup.com/us/our-research/?research=Technical+advisories • CWE-352: Cross-Site Request Forgery (CSRF) •