An issue was discovered in SolarWinds N-Central 12.3.0.670. The AdvancedScripts HTTP endpoint allows CSRF.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25622
Reference (s):
- https://ernw.de/en/publications.html
- https://insinuator.net/2020/12/security-advisories-for-solarwinds-n-central/
- https://support.solarwinds.com/SuccessCenter/s/