Cross-Site Request Forgery Vulnerability in P5 FNIP-8x16A FNIP-4xSH
CVE-2020-36906

5.3MEDIUM

Key Information:

Vendor

P5

Status
Fnip-8x16a
Vendor
CVE Published:
6 January 2026

Badges

๐Ÿ‘พ Exploit Exists

What is CVE-2020-36906?

The P5 FNIP-8x16A FNIP-4xSH version 1.0.20 is vulnerable to cross-site request forgery (CSRF), which allows attackers to execute unauthorized administrative actions. By deceiving a logged-in user into accessing a malicious webpage, an attacker can manipulate the victim's session to create new admin accounts, change existing user passwords, or alter system settings without their consent. This vulnerability poses significant risks by potentially granting attackers unauthorized control over the system.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

FNIP-8x16A 1.0.20

FNIP-8x16A 1.0.11

References

https://www.exploit-db.com/exploits/48362
exploit
https://www.p5.hu
product
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2020-55...
third-party-advisory

CVSS V4

Score:
5.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
Unknown

Timeline

  • ๐ŸŸก

    Public PoC available

  • ๐Ÿ‘พ

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

Credit

iej1ctk1g
JSON
.