CVE-2017-11646

NetComm Wireless 4GT101W routers with Hardware: 0.01 / Software: V1.1.8.8 / Bootloader: 1.1.3 are vulnerable to CSRF attacks, as demonstrated by using administration.html to disable the firewall. They does not contain any token that can mitigate CSRF vulnerabilities within the device.

CVSS v3 8.8 HIGH
CVSS v2.0 6.8 MEDIUM

8.8^/10

CVSS v3 : HIGH

Vector : AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Exploitability : 2.8 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

6.8^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability : 8.6 / Impact : 6.4

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
https://iscouncil.blogspot.com/2017/07/cross-site-request-forgery.html	Third Party Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:a:netcomm:4gt101w_software:1.1.8.8:*:*:*:*:*:*:*

cpe:2.3:o:netcomm:4gt101w_bootloader:1.1.3:*:*:*:*:*:*:*

History

No history.

Information

Published : 2017-07-28 05:29

Updated : 2024-02-04 19:29

NVD link : CVE-2017-11646

Mitre link : CVE-2017-11646

CVE.ORG link : CVE-2017-11646

JSON object : View

Products Affected

netcomm

4gt101w_bootloader
4gt101w_software

CWE

CWE-352

Cross-Site Request Forgery (CSRF)

{"id": "CVE-2017-11646", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2017-07-28T05:29:00.417", "references": [{"url": "https://iscouncil.blogspot.com/2017/07/cross-site-request-forgery.html", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-352"}]}], "descriptions": [{"lang": "en", "value": "NetComm Wireless 4GT101W routers with Hardware: 0.01 / Software: V1.1.8.8 / Bootloader: 1.1.3 are vulnerable to CSRF attacks, as demonstrated by using administration.html to disable the firewall. They does not contain any token that can mitigate CSRF vulnerabilities within the device."}, {"lang": "es", "value": "Los enrutadores NetComm Wireless 4GT101W con Hardware: versi\u00f3n 0.01/Software: versi\u00f3n V1.1.8.8/Cargador de Arranque: versi\u00f3n 1.1.3, son vulnerables a los ataques de tipo CSRF, como es demostrado usando el archivo administration.html para deshabilitar el firewall. No contienen ning\u00fan token que pueda mitigar las vulnerabilidades de CSRF dentro del dispositivo."}], "lastModified": "2017-08-04T16:22:07.970", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:netcomm:4gt101w_software:1.1.8.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5CC69B9B-1F1E-430C-9B7D-EFF11F311C59"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netcomm:4gt101w_bootloader:1.1.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "75D44258-A822-40DF-9AA3-E63C331597CA"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}