CVE-2020-36908

SnapGear Management Console SG560 version 3.1.5 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without user consent. Attackers can craft a malicious web page that automatically submits a form to create a new super user account with full administrative privileges when a logged-in user visits the page.

CVSS v3 5.3 MEDIUM

5.3^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 3.9 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact LOW

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://exchange.xforce.ibmcloud.com/vulnerabilities/182969	Third Party Advisory
https://packetstorm.news/files/id/157937	Exploit Third Party Advisory
https://www.exploit-db.com/exploits/48554	Exploit Third Party Advisory VDB Entry
https://www.vulncheck.com/advisories/secure-computing-snapgear-management-console-sg-cross-site-request-forgery-via-admin-users	Third Party Advisory
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2020-5567.php	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:securecomputing:snapgear_sg560_firmware:3.1.5:*:*:*:*:*:*:*

cpe:2.3:h:securecomputing:snapgear_sg560:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2026-01-06 16:15

Updated : 2026-02-23 19:00

NVD link : CVE-2020-36908

Mitre link : CVE-2020-36908

CVE.ORG link : CVE-2020-36908

JSON object : View

Products Affected

securecomputing

snapgear_sg560
snapgear_sg560_firmware

CWE

CWE-352

Cross-Site Request Forgery (CSRF)

{"id": "CVE-2020-36908", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "disclosure@vulncheck.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 3.9}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}], "cvssMetricV40": [{"type": "Secondary", "source": "disclosure@vulncheck.com", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 5.1, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "ACTIVE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "LOW", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2026-01-06T16:15:46.500", "references": [{"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/182969", "tags": ["Third Party Advisory"], "source": "disclosure@vulncheck.com"}, {"url": "https://packetstorm.news/files/id/157937", "tags": ["Exploit", "Third Party Advisory"], "source": "disclosure@vulncheck.com"}, {"url": "https://www.exploit-db.com/exploits/48554", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "source": "disclosure@vulncheck.com"}, {"url": "https://www.vulncheck.com/advisories/secure-computing-snapgear-management-console-sg-cross-site-request-forgery-via-admin-users", "tags": ["Third Party Advisory"], "source": "disclosure@vulncheck.com"}, {"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2020-5567.php", "tags": ["Exploit", "Third Party Advisory"], "source": "disclosure@vulncheck.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "disclosure@vulncheck.com", "description": [{"lang": "en", "value": "CWE-352"}]}], "descriptions": [{"lang": "en", "value": "SnapGear Management Console SG560 version 3.1.5 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without user consent. Attackers can craft a malicious web page that automatically submits a form to create a new super user account with full administrative privileges when a logged-in user visits the page."}, {"lang": "es", "value": "SnapGear Management Console SG560 versi\u00f3n 3.1.5 contiene una vulnerabilidad de falsificaci\u00f3n de petici\u00f3n en sitios cruzados que permite a los atacantes realizar acciones administrativas sin el consentimiento del usuario. Los atacantes pueden elaborar una p\u00e1gina web maliciosa que env\u00eda autom\u00e1ticamente un formulario para crear una nueva cuenta de superusuario con privilegios administrativos completos cuando un usuario autenticado visita la p\u00e1gina."}], "lastModified": "2026-02-23T19:00:41.383", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:securecomputing:snapgear_sg560_firmware:3.1.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CE321BF7-C382-4285-9CE2-E05D469404C5"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:securecomputing:snapgear_sg560:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E590B288-804B-4C90-8108-1688CCE71A4E"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "disclosure@vulncheck.com"}