cgi-bin/userprefs.cgi in Plixer International Scrutinizer NetFlow & sFlow Analyzer prior to 9.0.1.19899 does not validate user permissions, which allow remote malicious users to add user accounts with administrator privileges via the newuser, pwd, and selectedUserGroup parameters.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
plixer scrutinizer netflow \\& sflow analyzer |