CNNVD-202602-846 Information

Feb 05, 2026 cve

CNNVD ID

CNNVD-202602-846

CVE-2020-37118

  • CNNVD Published: 2026-02-05

Description (Chinese)

P5 FNIP-8x16A和P5 FNIP-4xSH都是英国P5公司的一款以太网继电器控制器。 P5 FNIP-8x16A和P5 FNIP-4xSH 1.0.20版本存在跨站请求伪造漏洞,该漏洞源于容易受到跨站请求伪造攻击,可能导致攻击者执行管理操作。

Description (English)

P5 FNIP-8x16A and P5 FNIP-4xSH are all Ethernet relay controllers of the British company P5. Versions P5 FNIP-8x16A and P5 FNIP-4xSH 1.0.20 contain a false gap in cross-site requests, which arises out of the vulnerability of cross-site requests to false attacks, which may lead the attackers to perform management operations.

Hazard Level

Critical

Vulnerability Type

跨站请求伪造

Affected Vendor

P5

Published

2026-02-05

Last Modified

2026-02-24

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/180253 https://packetstorm.news/files/id/157318 https://www.exploit-db.com/exploits/48362 https://www.p5.hu/ https://www.vulncheck.com/advisories/p-fnip-xa-fnip-xsh-cross-site-request-forgery-add-admin https://www.zeroscience.mk/en/vulnerabilities/ZSL-2020-5564.php

Share on: