EZGenerator contains a cross-site request forgery vulnerability, which could allow attackers to execute arbitrary administrative actions if a user clicked on a malicious link from the attacker.
Cross-Site Request Forgery
Exploitation of this vulnerability is possible via forged HTML forms, sent to a victim through a number of different attack vectors (including malicious links). Attackers who successfully exploit this vulnerability may be able execute administrative actions.
BeyondTrust Prevention and Detection:
BeyondTrust's Retina® Network Security Scanner scans devices to detect for this vulnerability.
- 32331 - EZGenerator Cross-Site Request Forgery (20140109) (Zero-Day)
- 32332 - EZGenerator Cross-Site Request Forgery (20140109) (Zero-Day) - x64
No mitigation is available.