CVE-2010-2268

Cross-site request forgery (CSRF) vulnerability in authcfg.cgi in Accoria Web Server (aka Rock Web Server) 1.4.7 allows remote attackers to hijack the authentication of administrators for requests that create user accounts.

Published: Jun 15, 2010
Updated: Apr 13, 2023
CVE: CVE-2010-2268
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P

CWEs:

CWE-352

Affected Software
References

Software	From	Fixed in
accoria / rock_web_server	1.4.7	1.4.7.x

http://www.ioactive.com/pdfs/AccoriaWebServer.pdf
http://www.kb.cert.org/vuls/id/245081

Vulnerability Database

290,278

CVE-2010-2268