CVE-2020-37007
Cross-Site Request Forgery in Liman 0.7 Allows Account Takeover
Publication date: 2026-01-29
Last updated on: 2026-02-17
Assigner: VulnCheck
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| salihciftci | liman | 0.7 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-565 | The product relies on the existence or values of cookies when performing security-critical operations, but it does not properly ensure that the setting is valid for the associated user. |
| CWE-352 | The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor. |
AI Powered Q&A
How can this vulnerability impact me?
This vulnerability allows an attacker to change your Liman user account settings, including your password, without your knowledge or consent. While you are logged in to Liman, an attacker can trick you into loading a malicious HTML page whose form automatically submits a request to Liman; your browser attaches your valid session cookie, so Liman treats the forged request as yours. The result can be account takeover or unauthorized modification of your account information. [1, 2]
Can you explain this vulnerability to me?
This vulnerability is a Cross-Site Request Forgery (CSRF) in Liman 0.7 that allows attackers to manipulate user account settings without proper request validation. Attackers can craft malicious HTML forms that trick logged-in users into submitting unauthorized requests, such as changing passwords or modifying account information, without the users' consent. [1, 2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Exploitation attempts can be detected by watching POST requests to the Liman endpoints that manage user account settings, specifically http://127.0.0.1:5000/settings/profile and http://127.0.0.1:5000/settings/password. Keep in mind that a forged request carries the victim's valid session cookie, so it is not "unauthorized" from the server's point of view; the useful signal is a POST to one of these endpoints whose Referer or Origin header is missing or points at a site other than the Liman instance. If Liman is served over plain HTTP, you can capture candidate requests with tcpdump or Wireshark; for example, `tcpdump -i any -A 'tcp port 5000 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)' | grep -i POST` prints only packets that carry payload on port 5000 and filters for POST lines, after which you can inspect the Referer and Origin headers of the matches. If Liman sits behind TLS or a reverse proxy, review the proxy or application access logs instead and look for POSTs to these endpoints with an unexpected or absent Referer. [2]
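The following is an added example, not part of the original advisory or of Liman, that applies the log-review approach above to a few constructed access-log lines. It assumes a combined log format with a Referer field (adjust the regular expression to your proxy's layout) and a Liman instance reachable at 127.0.0.1:5000; the attacker host, timestamps and client addresses are made up for illustration.

```python
import re
from urllib.parse import urlsplit

# Endpoints named in the advisory as CSRF targets in Liman 0.7.
SENSITIVE_PATHS = {"/settings/profile", "/settings/password"}

# Combined log format with Referer and User-Agent (assumed layout; adjust
# to match your reverse proxy or application access log).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)


def parse_line(line):
    """Parse one access-log line into a dict, or None if it does not match."""
    m = LOG_RE.match(line.strip())
    if not m:
        return None
    entry = m.groupdict()
    entry["status"] = int(entry["status"])
    return entry


def referer_host(referer):
    """Return the host[:port] of a Referer value, or None if absent or unparseable."""
    if not referer or referer == "-":
        return None
    return urlsplit(referer).netloc.lower() or None


def find_csrf_candidates(lines, trusted_hosts):
    """Return parsed entries that look like cross-site POSTs to the sensitive endpoints.

    A forged request carries the victim's valid session cookie, so the server
    sees it as authenticated. The signal used here is a POST to a settings
    endpoint whose Referer is missing (the attacker page may set a no-referrer
    policy) or names a host other than the Liman instance. A browser does not
    let the attacker's page forge a Referer for the victim's origin.
    """
    trusted = {h.lower() for h in trusted_hosts}
    hits = []
    for line in lines:
        entry = parse_line(line)
        if entry is None or entry["method"] != "POST":
            continue
        if urlsplit(entry["path"]).path not in SENSITIVE_PATHS:
            continue
        host = referer_host(entry["referer"])
        if host is None:
            entry["reason"] = "missing Referer"
            hits.append(entry)
        elif host not in trusted:
            entry["reason"] = f"cross-origin Referer {host}"
            hits.append(entry)
    return hits


# Constructed sample log lines for this example; not real Liman traffic.
SAMPLE_LOG = [
    # Legitimate password change submitted from Liman's own form.
    '192.0.2.10 - - [29/Jan/2026:10:00:01 +0000] "POST /settings/password HTTP/1.1" 302 0 '
    '"http://127.0.0.1:5000/settings/password" "Mozilla/5.0"',
    # Forged profile change auto-submitted from an attacker-controlled page.
    '192.0.2.10 - - [29/Jan/2026:10:02:15 +0000] "POST /settings/profile HTTP/1.1" 302 0 '
    '"http://attacker.example/csrf.html" "Mozilla/5.0"',
    # Forged password change with the Referer suppressed by the attacker page.
    '192.0.2.10 - - [29/Jan/2026:10:02:16 +0000] "POST /settings/password HTTP/1.1" 302 0 '
    '"-" "Mozilla/5.0"',
    # A GET from a foreign page is not a state change and is not flagged.
    '192.0.2.10 - - [29/Jan/2026:10:03:00 +0000] "GET /settings/profile HTTP/1.1" 200 1532 '
    '"http://attacker.example/csrf.html" "Mozilla/5.0"',
    # POST to an endpoint outside the advisory's scope is ignored by this check.
    '192.0.2.11 - - [29/Jan/2026:10:04:00 +0000] "POST /login HTTP/1.1" 302 0 '
    '"-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for hit in find_csrf_candidates(SAMPLE_LOG, {"127.0.0.1:5000"}):
        print(f'{hit["ts"]} {hit["ip"]} POST {hit["path"]}: {hit["reason"]}')
```

Run it against your real log with `find_csrf_candidates(open(path), {"your-liman-host:port"})`. Requests flagged for a missing Referer deserve a second look rather than an automatic alert, since privacy extensions and some referrer policies also strip the header on legitimate submissions.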
What immediate steps should I take to mitigate this vulnerability?
The root cause is that Liman 0.7 relies on the session cookie alone to authorize state-changing requests (CWE-565) and does not verify that the request was intentionally submitted by the user (CWE-352). The durable fix is CSRF protection in the application: a per-session token embedded in every form that modifies account settings and checked on the server before the change is applied, plus a check that the request's Origin or Referer header names the Liman instance itself. Until such a fix is available, reduce exposure by restricting access to the Liman web interface to trusted networks or users, by setting the session cookie's SameSite attribute to Lax or Strict so that browsers do not attach it to cross-site form posts, and by telling users not to open untrusted links or HTML files while logged in to Liman. A web application firewall or reverse proxy in front of Liman can also reject POST requests to the /settings/profile and /settings/password endpoints whose Origin or Referer header is absent or does not match the Liman origin. If a Liman release that includes CSRF protection is available, update to it. [1, 2]
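As an added illustration of the server-side fix described above (example code written for this page, not Liman's own code), the block below shows a password-change handler that trusts the session cookie alone, as the advisory describes, next to one guarded by an origin check and a per-session synchronizer token. The request object, the trusted origin http://127.0.0.1:5000 and the handler names are assumptions made for the example; they are not Liman identifiers.

```python
import hmac
import secrets
from dataclasses import dataclass, field
from urllib.parse import urlsplit


@dataclass
class Request:
    """Minimal stand-in for a web framework's request object (constructed for this example)."""
    method: str
    path: str
    headers: dict = field(default_factory=dict)
    form: dict = field(default_factory=dict)
    session: dict = field(default_factory=dict)


# Assumed deployment origin of the Liman instance; configure for your host.
TRUSTED_ORIGINS = {"http://127.0.0.1:5000"}
STATE_CHANGING = {"POST", "PUT", "PATCH", "DELETE"}


def issue_csrf_token(session):
    """Create the synchronizer token once per session; templates embed it in each form."""
    if "_csrf_token" not in session:
        session["_csrf_token"] = secrets.token_urlsafe(32)
    return session["_csrf_token"]


def request_origin(headers):
    """Derive 'scheme://host[:port]' from Origin, falling back to Referer; None if neither."""
    origin = headers.get("Origin")
    if origin:
        return origin.rstrip("/")
    referer = headers.get("Referer")
    if referer:
        parts = urlsplit(referer)
        if parts.scheme and parts.netloc:
            return f"{parts.scheme}://{parts.netloc}"
    return None


def verify_csrf(req):
    """Return (ok, reason). Fails closed on state-changing requests."""
    if req.method not in STATE_CHANGING:
        return True, "safe method"
    origin = request_origin(req.headers)
    if origin is None or origin not in TRUSTED_ORIGINS:
        return False, f"origin check failed: {origin}"
    expected = req.session.get("_csrf_token", "")
    supplied = req.form.get("csrf_token", "")
    # Constant-time comparison; encode so non-ASCII input cannot raise.
    if not expected or not hmac.compare_digest(expected.encode(), supplied.encode()):
        return False, "csrf token missing or mismatched"
    return True, "ok"


def change_password_vulnerable(req):
    """The pattern the advisory describes: a logged-in session is all that is checked."""
    if "user" not in req.session:
        return 401, None
    return 302, req.form.get("password")   # password change accepted


def change_password_hardened(req):
    """Same handler with the origin and synchronizer-token checks in front."""
    if "user" not in req.session:
        return 401, None
    ok, _reason = verify_csrf(req)
    if not ok:
        return 403, None
    return 302, req.form.get("password")


def demo():
    """Send a forged and a legitimate request to both handlers and collect (status, new password)."""
    session = {"user": "admin"}            # the victim's logged-in session
    token = issue_csrf_token(session)      # rendered into Liman's own form only
    # The browser attaches the victim's cookie to the attacker's auto-submitted
    # form, but the attacker's page cannot read the token and its Origin differs.
    forged = Request("POST", "/settings/password",
                     headers={"Origin": "http://attacker.example"},
                     form={"password": "pwned"}, session=session)
    legit = Request("POST", "/settings/password",
                    headers={"Origin": "http://127.0.0.1:5000"},
                    form={"password": "new-secret", "csrf_token": token},
                    session=session)
    return {
        "vulnerable_forged": change_password_vulnerable(forged),
        "hardened_forged": change_password_hardened(forged),
        "hardened_legit": change_password_hardened(legit),
    }


if __name__ == "__main__":
    for name, (status, new_pw) in demo().items():
        print(f"{name}: HTTP {status}, password set to {new_pw!r}")
```

The origin check alone is not enough, because some clients omit both Origin and Referer; the token check alone is enough in principle, but keeping both gives defense in depth and makes the reason for a rejection visible in logs. If Liman is deployed as a Flask application (the default port 5000 suggests it, but that is an assumption here), Flask-WTF's `CSRFProtect(app)` enforces the same synchronizer-token check across all state-changing routes.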