CyberSec.Space Logo
返回 CVE 浏览器

CVE-2011-5284

MEDIUM
6.8
CVSS Severity Score
EPSS Score0.0670%
EPSS Percentile34.95th
Published2014年12月31日
Last Modified2026年5月6日

Vulnerability Description

Cross-site request forgery (CSRF) vulnerability in the web management interface in httpd/cgi-bin/shutdown.cgi in Smoothwall Express 3.1 and 3.0 SP3 and earlier allows remote attackers to hijack the authentication of administrators for requests that perform a reboot via a request to cgi-bin/shutdown.cgi.

Affected Platforms (CPE)

💻
Smoothwall

Smoothwall

<= 3.1
💻
Smoothwall

Smoothwall

= 3.0

References & Advisories

🔗 http://osvdb.org/show/osvdb/70497
🔗 http://packetstormsecurity.com/files/129698/SmoothWall-3.1-Cross-Site-Request-Forgery-Cross-Site-Scripting.html
🔗 http://www.exploit-db.com/exploits/16006
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/99403
🔗 http://osvdb.org/show/osvdb/70497
🔗 http://packetstormsecurity.com/files/129698/SmoothWall-3.1-Cross-Site-Request-Forgery-Cross-Site-Scripting.html
🔗 http://www.exploit-db.com/exploits/16006
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/99403

相关漏洞威胁

CVE-2011-10858.8

CSRF vulnerability in Smoothwall Express 3.

CVE-2019-253957.2

Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains multiple stored cross-site scripting vulnerabilities in the preferences.c...

CVE-2019-253797.2

Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains stored and reflected cross-site scripting vulnerabilities in the urlfilte...

CVE-2019-253947.2

Smoothwall Express 3.1-SP4-polar-x86_64-update9 contains multiple stored cross-site scripting vulnerabilities in the modem.cgi scr...