Cerberus · Cerberus Ftp Server · CVE-2012-2999
**Name of the Vulnerable Software and Affected Versions**
Cerberus FTP Server versions prior to 5.0.5.0
**Description**
The issue affects the web interface of the software, where multiple cross-site request forgery (CSRF) vulnerabilities are present. These vulnerabilities allow remote attackers to hijack the authentication of administrators for specific requests, such as adding a user account or reconfiguring the state of the FTP service. This can be achieved through requests to specific endpoints, for example, "usermanager/users/modify".
**Recommendations**
For versions prior to 5.0.5.0, update to version 5.0.5.0 or later to resolve the issue.