Cross-Site Request Forgery Vulnerabilities in APC Switched Rack PDU Devices
CVE-2009-1797

Currently unrated

Key Information:

Vendor: Apc
Status: Network Management Card; Switched Rack Pdu
Vendor: CVE Published:; 28 December 2009

What is CVE-2009-1797?

The APC Switched Rack PDU and associated Network Management Card devices are susceptible to multiple cross-site request forgery (CSRF) vulnerabilities. These flaws enable remote attackers to exploit authenticated sessions of both administrators and regular device users. By crafting malicious requests, an attacker could potentially create new administrative accounts or perform other unauthorized actions on the affected systems, compromising the security and integrity of the devices.

References

http://holisticinfosec.org/content/view/111/45/

x_refsource_MISC

http://nam-en.apc.com/cgi-bin/nam_en.cfg/php/enduser/std_...

x_refsource_CONFIRM

http://www.kb.cert.org/vuls/id/166739

third-party-advisoryx_refsource_CERT-VN

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Dec 28, 2009

CVE-2009-1797 Data

JSON

Apc

What is CVE-2009-1797?

References

Timeline