PT-2012-4424 · Cerberus · Cerberus Ftp Server

Redro0Cky · Published 2012-10-04 · Updated 2013-02-07 · CVE-2012-2999

CVSS v2.0: 6.8 (Medium)

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

Cerberus FTP Server versions prior to 5.0.5.0

Description

The issue affects the web interface of the software, where multiple cross-site request forgery (CSRF) vulnerabilities are present. These vulnerabilities allow remote attackers to hijack the authentication of administrators for specific requests, such as adding a user account or reconfiguring the state of the FTP service. This can be achieved through requests to specific endpoints, for example, "usermanager/users/modify".

Recommendations

For versions prior to 5.0.5.0, update to version 5.0.5.0 or later to resolve the issue.

Fix

CSRF

Weakness Enumeration

Related Identifiers

CVE-2012-2999

Affected Products

Cerberus Ftp Server