Unrated severityNVD Advisory· Published Jul 31, 2012· Updated Apr 29, 2026

CVE-2012-2626

Description

cgi-bin/admin.cgi in the web console in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) before 9.5.0 does not require token authentication, which allows remote attackers to add administrative accounts via a userprefs action.

Affected products

SonicWall/Scrutinizer
cpe:2.3:a:sonicwall:scrutinizer:*:*:*:*:*:*:*:*
Range: <9.5.0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.trustwave.com/spiderlabs/advisories/TWSL2012-014.txtnvdExploitThird Party Advisory
www.plixer.com/Press-Releases/plixer-releases-9-5-2.htmlnvdBroken LinkThird Party Advisory

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.061
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000