Vulnerabilities > CVE-2019-14476 - Server-Side Request Forgery (SSRF) vulnerability in Adremsoft Netcrunch 10.6.0.4587

047910
CVSS 6.5 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
NONE
network
low complexity
adremsoft
CWE-918
NVD
Published: 2020-12-16
Updated: 2020-12-18

Summary

AdRem NetCrunch 10.6.0.4587 has a Server-Side Request Forgery (SSRF) vulnerability in the NetCrunch server. Every user can trick the server into performing SMB requests to other systems.

Vulnerable Configurations

Part Description Count
Application
Adremsoft
1

Common Weakness Enumeration (CWE)

References