CVE-2016-20035 in Streaming Engineinformação

Sumário

de MITRE • 16/03/2026

Wowza Streaming Engine 4.5.0 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions by crafting malicious web pages. Attackers can trick logged-in administrators into visiting a malicious site that submits POST requests to the user edit endpoint to create new admin accounts with arbitrary credentials.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Responsável

VulnCheck

Reservar

15/03/2026

Divulgação

16/03/2026

Moderação

aceite

Entrada

VDB-351174

CPE

pronto

CWE

CWE-352 (confirmado)

Exploração

Descarregar

CVSS

4.3 (NVD)

EPSS

0.00059

KEV

não

Atividades

muito baixo

Fontes

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-20035
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-20035
CVE Details	https://www.cvedetails.com/cve/CVE-2016-20035/

◂ Voltar Visão Geral Próximo ▸

Interested in the pricing of exploits?

See the underground prices here!