VYPR
Unrated severityNVD Advisory· Published Apr 14, 2021· Updated Aug 3, 2024

CVE-2021-27181

CVE-2021-27181

Description

An issue was discovered in MDaemon before 20.0.4. Remote Administration allows an attacker to perform a fixation of the anti-CSRF token. In order to exploit this issue, the user has to click on a malicious URL provided by the attacker and successfully authenticate into the application. Having the value of the anti-CSRF token, the attacker may trick the user into visiting his malicious page and performing any request with the privileges of attacked user.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • MDaemon/MDaemon Remote Administrationdescription
  • Alt N/Mdaemonllm-fuzzy
    Range: <20.0.4

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.