CVE-2020-14025

2020-09-2217:41:28

mitre

www.cve.org

8.8 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

46.5%

JSON

Ozeki NG SMS Gateway through 4.17.6 has multiple CSRF vulnerabilities. For example, an administrator, by following a link, can be tricked into making unwanted changes such as installing new modules or changing a password.

References

github.com/DrunkenShells/Disclosures/tree/master/CVE-2020-14025-Cross-Site%20Request%20Forgery-Ozeki%20SMS%20Gateway

www.ozeki.hu/index.php?owpn=231