A CSRF issue in WiKID 2FA Enterprise Server up to and including 4.2.0-b2053 allows a remote malicious user to trick an authenticated user into performing unintended actions such as (1) create or delete admin users; (2) create or delete groups; or (3) create, delete, enable, or disable normal users or devices.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
wikidsystems 2fa enterprise server 3.4.87 |
||
wikidsystems 2fa enterprise server 3.5.0 |
||
wikidsystems 2fa enterprise server 3.6.0 |
||
wikidsystems 2fa enterprise server 4.0.1 |
||
wikidsystems 2fa enterprise server 4.0.2 |
||
wikidsystems 2fa enterprise server 4.2.0 |
||
wikidsystems 2fa enterprise server 3.4.81 |
||
wikidsystems 2fa enterprise server 3.4.85 |
||
wikidsystems 2fa enterprise server 4.1.0 |
||
wikidsystems 2fa enterprise server 4.0 |