CVE-2020-37144

Name of the Vulnerable Software and Affected Versions Exagate SYSGuard 6001

Description The software contains a cross-site request forgery condition that enables attackers to create unauthorized administrator accounts via a specially designed HTML form. Attackers can deceive users into submitting a malicious form to the /kulyon.php endpoint, which adds a new user with administrative privileges without the user’s knowledge.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.