CVE-2023-37650

CVE-2023-37650

EPSS 0.5%

A Cross-Site Request Forgery (CSRF) in the Admin portal of Cockpit CMS v2.5.2 allows attackers to execute arbitrary Administrator commands.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/Cockpit-HQ/Cockpit/releases/tag/2.6.0 https://www.ghostccamm.com/blog/multi_cockpit_vulns/