Unrated severityNVD Advisory· Published Dec 9, 2025· Updated Apr 7, 2026

STVS ProVision Cross-Site Request Forgery (Add Admin)

CVE-2021-47723

Description

STVS ProVision 5.9.10 contains a cross-site request forgery vulnerability that allows attackers to perform actions with administrative privileges by exploiting unvalidated HTTP requests. Attackers can visit malicious web sites to trigger the forge request, allowing them to create new admin users.

Affected products

STVS/ProVisionllm-fuzzy
Range: =5.9.10
STVS SA/STVS ProVisionv5
Range: 5.9.10 (build 2885-3a8219a)

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.exploit-db.com/exploits/49482mitreexploit
www.vulncheck.com/advisories/stvs-provision-cross-site-request-forgery-add-adminmitrethird-party-advisory
www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5625.phpmitrethird-party-advisory
www.stvs.chmitreproduct

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000