Description

TruDesk Help Desk/Ticketing Solution v1.1.11 is vulnerable to a Cross-Site Request Forgery (CSRF) attack which would allow an attacker to restart the server, causing a DoS attack. The attacker must craft a webpage that would perform a GET request to the /api/v1/admin/restart endpoint, then the victim (who has sufficient privileges), would visit the page and the server restart would begin. The attacker must know the full URL that TruDesk is on in order to craft the webpage.

INFO

Published Date :

2024-06-24T00:00:00.000Z

Last Modified :

2024-08-04T04:54:29.505Z

Source :

mitre
AFFECTED PRODUCTS

The following products are affected by CVE-2021-45785 vulnerability.

Vendors Products
Trudesk Project
  • Trudesk
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2021-45785.

URL Resource
https://1d8.github.io/cves/cve_2021_45785/ cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact