CVE-2017-11679

CVE-2017-11679

EPSS 0.7%

Cross-Site Request Forgery (CSRF) exists in Hashtopus 1.5g via the password parameter to admin.php in an a=config action.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/curlyboi/hashtopus/issues/63 http://www.securityfocus.com/bid/99984