CVE-2020-37144
MEDIUMExagate SYSGuard 6001 - CSRF
Title source: llmDescription
Exagate SYSGuard 6001 contains a cross-site request forgery vulnerability that allows attackers to create unauthorized admin accounts through a crafted HTML form. Attackers can trick users into submitting a malicious form to /kulyon.php that adds a new user with administrative privileges without the victim's consent.
Exploits (1)
exploitdb
WORKING POC
by Metin Yunus Kandemir · textwebappsphp
https://www.exploit-db.com/exploits/48234
References (4)
Scores
CVSS v3
5.3
EPSS
0.0002
EPSS Percentile
5.3%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Classification
CWE
CWE-352
Status
draft
Timeline
Published
Feb 05, 2026
Tracked Since
Feb 18, 2026