Authentication Bypass in Plixer Scrutinizer Web Console

CVE-2012-2626

What is CVE-2012-2626?

The web console in Plixer Scrutinizer prior to version 9.5.0 contains a vulnerability where the cgi-bin/admin.cgi does not require proper token authentication. This oversight allows remote attackers to gain unauthorized administrative access through malicious user preferences actions. Such an exploit could lead to the addition of unauthorized administrative accounts, posing a significant security risk for users relying on the Scrutinizer platform.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch →

References