CVE-2013-6826

FortiAnalyzer < 5.0.5 - Cross-Site Request Forgery via csrf_token Parameter


Exploitation Summary

EIP tracks 1 public exploit for CVE-2013-6826. PoCs published by William Costa.

AI-analyzed exploit summary: This HTML-based PoC demonstrates a CSRF vulnerability in FortiAnalyzer, allowing an attacker to create an unauthorized admin user via a crafted form submission. The exploit targets versions prior to 4.3.7 and 5.0.5.

Description

cgi-bin/module//sysmanager/admin/SYSAdminUserDialog in Fortinet FortiAnalyzer before 5.0.5 does not properly validate the csrf_token parameter, which allows remote attackers to perform cross-site request forgery (CSRF) attacks. The practical effect, as shown by the public PoC, is that a page the victim opens while logged in to the FortiAnalyzer web interface can submit the admin-user dialog form with the victim's session and create an administrator account. A CSRF token that is accepted without being compared to the value bound to the victim's session provides no protection, since the browser attaches the session cookie to the cross-site POST automatically.

Exploits (1)

exploitdb · working PoC · verified
by William Costa · html · remote · hardware
https://www.exploit-db.com/exploits/38824


Classification
Working PoC (90% confidence)
Attack type: Auth Bypass (CSRF leading to creation of an unauthorized admin account)
Complexity: Trivial
Reliability: Reliable
Target: FortiAnalyzer < 4.3.7, < 5.0.5
Authentication: none required by the attacker; the attack rides on the victim's authenticated session
Prerequisites: Victim must be authenticated to the FortiAnalyzer web interface · Attacker must trick the victim into visiting a malicious page
Analyzed by devstral-2 on Feb 16, 2026

References (2)

Core references
http://www.securityfocus.com/bid/63663 (BID 63663; vdb-entry, exploit; x_refsource_bid)

Scores

EPSS 0.0193
EPSS Percentile 77.3%

Details

CWE
CWE-352
Status published
Products (7)
fortinet/fortianalyzer-1000d
fortinet/fortianalyzer-2000b
fortinet/fortianalyzer-200d
fortinet/fortianalyzer-3000d
fortinet/fortianalyzer-300d
fortinet/fortianalyzer-4000b
fortinet/fortianalyzer_firmware <= 5.0.4 (all releases before the fixed 5.0.5, per the description)
Published Nov 20, 2013
Tracked Since Feb 18, 2026