Exagate SYSGuard 6001 Cross-Site Request Forgery Vulnerability Allowing Unauthorized Admin Account Creation

Vulnerability

A cross-site request forgery (CSRF) vulnerability has been identified in Exagate SYSGuard version 6001. This vulnerability allows attackers to create unauthorized admin accounts by tricking users into submitting a malicious HTML form. The crafted form is sent to 'kulyon.php', where it adds a new user with administrative privileges without the victim's consent.

Impact

Exploitation of this vulnerability allows for the creation of unauthorized admin accounts, potentially leading to unauthorized access and privileges within the application.

Reproduction

To reproduce this vulnerability, an attacker hosts a crafted HTML form and tricks a user of the application into submitting it. The form targets 'kulyon.php' via the POST method and carries hidden fields for 'username', 'password' and 'privilege' plus a submit button. When the victim unknowingly submits it, an admin account is created with the attacker's chosen credentials.
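The root cause described above is that 'kulyon.php' acts on the 'username', 'password' and 'privilege' POST fields with nothing that proves the logged-in user intended the request. The following is an added example, not Exagate's or SYSGuard's code, of how such a handler can reject forged cross-site submissions: a per-session synchronizer token compared in constant time, an Origin/Referer host check as defence in depth, and a SameSite session cookie so the browser does not attach the session to a cross-site POST at all. The use of PHP sessions, the `$_SESSION['is_admin']` flag, the `EXPECTED_HOST` placeholder and the `create_user()` stand-in are assumptions, not details from the advisory.

```php
<?php
// Added example, not Exagate's or SYSGuard's code. It shows how a handler that
// creates users from the 'username', 'password' and 'privilege' POST fields
// named in the advisory can reject forged cross-site submissions.
// Assumptions (not from the advisory): PHP sessions are in use, an admin flag
// lives in $_SESSION['is_admin'], EXPECTED_HOST is a placeholder for the
// application's real hostname, and create_user() stands in for the product's
// own database write.
declare(strict_types=1);

const EXPECTED_HOST = 'sysguard.example'; // placeholder, configure per deployment

// A SameSite cookie stops the browser from attaching the session to a
// cross-site form POST in the first place. The token check below remains the
// primary control; this is defence in depth.
session_set_cookie_params([
    'httponly' => true,
    'secure'   => true,
    'samesite' => 'Lax',
]);
session_start();

// Per-session token. The legitimate form embeds it as a hidden field; a page on
// another origin cannot read it, so a forged form cannot include it.
function csrf_token(): string
{
    if (empty($_SESSION['csrf_token'])) {
        $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $_SESSION['csrf_token'];
}

// Constant-time comparison of the submitted token against the session copy.
function csrf_token_is_valid(?string $submitted): bool
{
    if ($submitted === null || empty($_SESSION['csrf_token'])) {
        return false;
    }
    return hash_equals($_SESSION['csrf_token'], $submitted);
}

// Browsers set Origin on cross-site form POSTs, so a forged submission carries
// the attacker's origin. A request with neither Origin nor Referer is refused.
function origin_is_trusted(array $server, string $expectedHost): bool
{
    $source = $server['HTTP_ORIGIN'] ?? $server['HTTP_REFERER'] ?? null;
    if (!is_string($source)) {
        return false;
    }
    $host = parse_url($source, PHP_URL_HOST);
    return is_string($host) && strcasecmp($host, $expectedHost) === 0;
}

// Hypothetical stand-in for the product's user store; returns the record it
// would persist, with the password hashed rather than stored as submitted.
function create_user(string $username, string $password, string $privilege): array
{
    return [
        'username'  => $username,
        'password'  => password_hash($password, PASSWORD_DEFAULT),
        'privilege' => $privilege,
    ];
}

if (($_SERVER['REQUEST_METHOD'] ?? 'GET') === 'POST') {
    // Creating accounts is an admin action. A valid session cookie alone is
    // not proof that the admin intended this request, hence the checks below.
    if (empty($_SESSION['is_admin'])) {
        http_response_code(403);
        exit('forbidden');
    }
    if (!csrf_token_is_valid($_POST['csrf_token'] ?? null)
        || !origin_is_trusted($_SERVER, EXPECTED_HOST)) {
        http_response_code(403);
        exit('rejected: missing or invalid CSRF token, or untrusted origin');
    }
    create_user(
        (string) ($_POST['username'] ?? ''),
        (string) ($_POST['password'] ?? ''),
        (string) ($_POST['privilege'] ?? 'user')
    );
}
```

The legitimate account-creation page renders the token into the form with `<input type="hidden" name="csrf_token" value="<?= htmlspecialchars(csrf_token()) ?>">`; a form hosted on another origin has no way to obtain that value, and even if the Origin check were bypassed by a proxy that strips headers, the token comparison still fails. Logging the 403 responses from this branch also gives operators a detection signal for attempted forgeries.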

Added: Feb 5, 2026, 7:41 PM
Updated: Feb 5, 2026, 9:19 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 5.0
exploitability: 7.1
remediation: 0.0
relevance: 2.8
threat: 6.4
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.