PT-2020-13645 · Lansweeper · Lansweeper

Published

2020-09-29

Updated

2025-03-19

CVE-2020-13658

CVSS v3.1

8.0

High

Vector

AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Lansweeper version 8.0.130.17

Description The issue allows a low-level Lansweeper user to elevate their privileges within the application through a CSRF attack on the web console.

Recommendations For Lansweeper version 8.0.130.17, consider implementing CSRF protection mechanisms, such as token-based validation, to prevent unauthorized requests and mitigate the risk of privilege elevation.

Exploit

Fix

LPE

CSRF

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-352

Related Identifiers

CVE-2020-13658

Affected Products

Lansweeper

PT-2020-13645 · Lansweeper · Lansweeper

CVE-2020-13658

Weakness Enumeration

Related Identifiers

Affected Products

References · 6