What the vulnerability does
01Description
Missing Authorization vulnerability in Surfer Surfer surferseo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Surfer: from n/a through <= 1.6.4.574.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
What the vulnerability does
Missing Authorization vulnerability in Surfer Surfer surferseo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Surfer: from n/a through <= 1.6.4.574.
Explanation of Vulnerability in Simple Terms
Surfer versions up to 1.6.4.574 lack proper authorization checks, allowing unauthenticated attackers to modify data on the site. The vulnerability requires no special access or user interaction. An attacker can exploit this over the network to alter information, though they cannot read sensitive data or disrupt availability.
What an attacker can do
Modify site data without authentication.
Potential impact on your site
Unauthorized changes to site content or configuration by remote attackers.
Conditions required to exploit
Network access only; no authentication or user interaction required.
Key dates
External resources