MEDIUM🇬🇧 English

CVE-2009-2738

CVSS 4.3v2.0pub. 2009-08-11upd. 2026-04-23

Cross-site request forgery (CSRF) vulnerability in the WebGUI in FreeNAS before 0.7RC1 allows remote attackers to hijack the authentication of users for unspecified requests via unknown vectors.

oryginał EN
CVSS Vector
AV:N/AC:M/Au:N/C:N/I:P/A:N
  • Freenas

    APP
    Freenas
    0.69.1≤ 0.69.2
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
XSS
CWE
Referencje

Powiązane podatności

CVE-2014-5334CRITICAL9.8ten sam produkt

FreeNAS before 9.3-M3 has a blank admin password, which allows remote attackers to gain root privileges by lev...

CVE-2009-2739MEDIUM4.3ten sam produkt

Cross-site scripting (XSS) vulnerability in FreeNAS before 0.69.2 allows remote attackers to inject arbitrary ...

CVE-2009-2738 — MEDIUM 4.3 | CVEbaza.pl