Security Advisory

CVE-2020-36969

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-01-28 17:35:10

Last updated 2026-03-05 01:27:13

Assigner VulnCheck

State PUBLISHED

Description

M/Monit 3.7.4 contains a privilege escalation vulnerability that allows authenticated users to modify user permissions by manipulating the admin parameter. Attackers can send a POST request to the /api/1/admin/users/update endpoint with a crafted payload to grant administrative access to a standard user account.

← Browse all CVEs View on cve.org ↗