CVE-2016-7067 MEDIUM

CVE-2016-7067

Vendor Tildeslash Ltd.
Product monit
Weakness CWE-352 · CSRF
Published September 10, 2018
Last update August 6, 2024
View on NVD All CVEs

CVSS base score

6.5/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality None
Integrity Low

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

What the vulnerability does

01Description

Monit before version 5.20.0 is vulnerable to a cross site request forgery attack. Successful exploitation will enable an attacker to disable/enable all monitoring for a particular host or disable/enable monitoring for a specific service.

Key dates

02Disclosure timeline

September 10, 2018 CVE published
August 6, 2024 Record updated

Related vulnerabilities

04Related CVE

CVE-2024-32785 WordPress The Pack Elementor addons plugin <= 2.0.8.3 - Cross Site Request Forgery (CSRF) to XSS vulnerability CVE-2024-53716 WordPress wp auto top plugin <= 2.9.3 - CSRF to Stored Cross Site Scripting (XSS) vulnerability CVE-2024-53789 WordPress Advanced What should we write next about plugin <=1.0.3 - CSRF to Stored Cross Site Scripting (XSS) vulnerability CVE-2025-2871 WordPress Mega Menu – QuadMenu <= 3.2.0 - Cross-Site Request Forgery to Limited User Meta Update CVE-2023-49843 WordPress First Order Discount Woocommerce Plugin <= 1.21 is vulnerable to Cross Site Request Forgery (CSRF)