CVE-2016-7067
published 2018-09-10


Priority P427 | medium | 6.5 | CVSS 3.0
AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
EPSS: 0.88% (54.6th percentile)
Monit before version 5.20.0 is vulnerable to a cross-site request forgery attack. Successful exploitation will enable an attacker to disable/enable all monitoring for a particular host or disable/enable monitoring for a specific service.

Affected

7 ranges
| Vendor | Product | Version range | Fixed in |
| --- | --- | --- | --- |
| debian | monit | < monit 1:5.20.0-1 (bookworm) | monit 1:5.20.0-1 (bookworm) |
| mmonit | monit | < 5.20.0 | 5.20.0 |
| tildeslash | monit | >= 0 < 1:5.20.0-1 | 1:5.20.0-1 |
| tildeslash | monit | >= 0 < 1:5.20.0-1 | 1:5.20.0-1 |
| tildeslash | monit | >= 0 < 1:5.20.0-1 | 1:5.20.0-1 |
| tildeslash | monit | >= 0 < 1:5.20.0-1 | 1:5.20.0-1 |
| tildeslash_ltd | monit | | |

CVSS provenance

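| Source | Version | Score | Severity | Vector |
| --- | --- | --- | --- | --- |
| nvd | v3.0 | 6.5 | MEDIUM | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N |
| nvd | v2.0 | 4.3 | MEDIUM | AV:N/AC:M/Au:N/C:N/I:P/A:N |
| osv | | 6.5 | MEDIUM | |
| vendor_debian | | 6.5 | MEDIUM | |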