CNNVD-202602-1877 Information

CNNVD ID

CNNVD-202602-1877

Related CVE

CVE-2020-37172

• CNNVD Published: 2026-02-11

Description (Chinese)

AVideo是World Wide Broadcast Network开源的一个广播网络创建工具。 AVideo 8.1版本存在授权问题漏洞，该漏洞源于跨站请求伪造，可能导致攻击者利用密码恢复机制重置用户密码。

Description (English)

AVideo is an open-source radio network creation tool for the World Wide Broadcast Network. Version 8.1 of AVideo has a mandate gap, which stems from cross-site requests for forgery, which may lead the attackers to use the password restoration mechanism to replace the user password.

Hazard Level

High

Vulnerability Type

授权问题

Affected Vendor

World Wide Broadcast Network

Published

2026-02-11

Last Modified

2026-02-24

References

https://avideo.com https://github.com/WWBN/AVideo https://www.exploit-db.com/exploits/48003 https://www.vulncheck.com/advisories/avideo-platform-cross-site-request-forgery-password-reset