CVE-2020-36908

Publication date

2026-01-06 15:52:21

Family

VulnCheck

State

PUBLISHED

Description

SnapGear Management Console SG560 version 3.1.5 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without user consent. Attackers can craft a malicious web page that automatically submits a form to create a new super user account with full administrative privileges when a logged-in user visits the page.