Author Topic: Avira – Critical CSRF flaw Vulnerability puts millions users at risk  (Read 1287 times)

0 Members and 1 Guest are viewing this topic.

Offline Jasper The Rasper

  • Update Moderator
  • Sr. Member
  • *****
  • Posts: 261
    • View Profile
by Pierluigi Paganini on September 20th, 2014

Egyptian bug hunter discovered that Avira Website is affected by CSRF flaw that allows attackers to hijack users’ accounts and access to their online backup.
What do you think about if tell you that an antivirus could represent a menace for your system? Antivirus like any other kind of software could be exploited by threat actors to compromise the machine as already explained my previous post.
The popular antivirus software Avira that includes a Secure Backup service is vulnerable to a critical web application vulnerability that could allow an attacker to take over the user’s account.
The Egyptian 16 year-old expert Mazen Gamal reported to The Hacker News that the Avira Website is affected by a CSRF (Cross-site request forgery) vulnerability that allows an attacker to hijack users’ accounts and access to their online secure cloud backup files.

Full Article - http://securityaffairs.co/wordpress/28496/hacking/avira-csrf-flaw.html
Microsoft® Windows Insider MVP - Windows Security

Offline hayc59

  • Voodoo Child
  • Hero Member
  • *****
  • Posts: 1459
  • Gentleman
    • View Profile
Re: Avira – Critical CSRF flaw Vulnerability puts millions users at risk
« Reply #1 on: September 21, 2014, 04:47:57 AM »
Thanks Jeff!!

9.11.01
"The most beautiful flower loses her beauty one day, but a hard faithful friend an eternity"
"Beauty that is not hidden to deepest of my soul can be seen that with eyes of the heart"

'Never Forget'