CVE-2012-2626

Currently unrated

Key Information:

Vendor: Sonicwall
Status: Scrutinizer
Vendor: CVE Published:; 31 July 2012

Summary

cgi-bin/admin.cgi in the web console in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) before 9.5.0 does not require token authentication, which allows remote attackers to add administrative accounts via a userprefs action.

References

https://www.trustwave.com/spiderlabs/advisories/TWSL2012-...

x_refsource_MISC

http://www.plixer.com/Press-Releases/plixer-releases-9-5-...

x_refsource_MISC

EPSS Score

42% chance of being exploited in the next 30 days.

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Jul 31, 2012

Collectors

NVD DatabaseMitre Database