
King Of Pirates

#39759 of 53,779
6.8 total CVSS
Vulnerabilities · 1
PT-2012-5919
6.8
2012-10-08
Sagem · Sagem F@St 2604 · CVE-2012-5320
**Name of the Vulnerable Software and Affected Versions**

Sagem F@ST 2604 version 253180972B

**Description**

A cross-site request forgery issue exists, allowing remote attackers to hijack administrator authentication for requests that change the administrator password via the `sysPassword` parameter.

**Recommendations**

For Sagem F@ST 2604 version 253180972B, as a temporary workaround, consider restricting access to the `password.cgi` module to minimize the risk of exploitation. Avoid using the `sysPassword` parameter in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.