CNNVD-202512-1113 Information

CNNVD ID

CNNVD-202512-1113

Related CVE

CVE-2021-47723

• CNNVD Published: 2025-12-09

Description (Chinese)

STVS ProVision是美国STVS公司的一款先进视频管理系统。 STVS ProVision 5.9.10版本存在跨站请求伪造漏洞，该漏洞源于未验证HTTP请求存在跨站请求伪造问题，可能导致创建管理员用户。

Description (English)

STVS ProVision is an advanced video management system of the United States company STVS. Version 5.9.10 of STVS ProVision contains a false gap in the cross-site request, which arises from the failure to verify that the HTTP request contains a false cross-site request, which may lead to the creation of an administrator user.

Hazard Level

High

Vulnerability Type

跨站请求伪造

Affected Vendor

STVS

Published

2025-12-09

Last Modified

2026-02-24

References

https://www.exploit-db.com/exploits/49482 https://www.vulncheck.com/advisories/stvs-provision-cross-site-request-forgery-add-admin http://www.stvs.ch https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5625.php https://access.redhat.com/security/cve/cve-2021-47723