CVE-2023-37650

Name of the Vulnerable Software and Affected Versions Cockpit CMS version 2.5.2

Description A Cross-Site Request Forgery (CSRF) in the Admin portal allows attackers to execute arbitrary Administrator commands.

Recommendations For Cockpit CMS version 2.5.2, consider disabling access to the Admin portal until a patch is available. Restrict access to the Admin portal to minimize the risk of exploitation. As a temporary workaround, limit the execution of Administrator commands to trusted users only. At the moment, there is no information about a newer version that contains a fix for this vulnerability.