CNNVD-202601-1035 Information

CNNVD ID

CNNVD-202601-1035

Related CVE

CVE-2020-36906

• CNNVD Published: 2026-01-06

Description (Chinese)

P5 FNIP-8x16A是英国P5公司的一款以太网继电器控制器。 P5 FNIP-8x16A 1.0.20版本存在跨站请求伪造漏洞，该漏洞源于容易受到跨站请求伪造攻击，可能导致执行添加管理员、修改密码等管理操作。

Description (English)

P5 FNIP-8x16A is an Ethernet relay controller for British P5. Version 1.0.20 of P5 FNIP-8x16A contains a false gap in cross-site requests, which arises from the vulnerability of cross-site requests to false attacks, which may lead to management operations such as the addition of administrators, the modification of passwords, etc.

Hazard Level

High

Vulnerability Type

跨站请求伪造

Affected Vendor

P5

Published

2026-01-06

Last Modified

2026-02-24

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/180252 https://exchange.xforce.ibmcloud.com/vulnerabilities/180253 https://packetstorm.news/files/id/157318 https://www.exploit-db.com/exploits/48362 https://www.p5.hu https://www.vulncheck.com/advisories/p-fnip-xa-fnip-xsh-cross-site-request-forgery-via-user-management https://www.zeroscience.mk/en/vulnerabilities/ZSL-2020-5564.php