CVE-2016-20035 in Streaming Engineالمعلومات

الملخص

بحسب MITRE • 16/03/2026

Wowza Streaming Engine 4.5.0 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions by crafting malicious web pages. Attackers can trick logged-in administrators into visiting a malicious site that submits POST requests to the user edit endpoint to create new admin accounts with arbitrary credentials.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

مسؤول

VulnCheck

حجز

15/03/2026

إفشاء

16/03/2026

الاعتدال

تمت الموافقة

إدخال

VDB-351174

CPE

جاهز

CWE

CWE-352 (مؤكد)

استغلال

تحميل

CVSS

4.3 (NVD)

EPSS

0.00059

KEV

لا

النشاطات

منخفض جدًا

المصادر

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-20035
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-20035
CVE Details	https://www.cvedetails.com/cve/CVE-2016-20035/

التالي ▸نظرة عامة ◂ السابق

Want to know what is going to be exploited?

We predict KEV entries!