High severity8.8NVD Advisory· Published Mar 3, 2017· Updated Jun 17, 2026
CVE-2016-10206
CVE-2016-10206
Description
Cross-site request forgery (CSRF) vulnerability in Zoneminder 1.30 and earlier allows remote attackers to hijack the authentication of users for requests that change passwords and possibly have unspecified other impact as demonstrated by a crafted user action request to index.php.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*range: <=1.30.0
- (no CPE)range: <=1.30
Patches
Vulnerability mechanics
References
3- www.openwall.com/lists/oss-security/2017/02/05/1nvdExploitMailing List
- www.foxmole.com/advisories/foxmole-2016-07-05.txtnvdExploitThird Party Advisory
- www.securityfocus.com/bid/97114nvd
News mentions
0No linked articles in our index yet.