CVE-2011-0886

Name of the Vulnerable Software and Affected Versions SMC SMCD3G-CCR (aka Comcast Business Gateway) versions prior to 1.4.0.49.2

Description The issue concerns multiple cross-site request forgery (CSRF) vulnerabilities in the web interface. These vulnerabilities allow remote attackers to hijack the intranet connectivity of arbitrary users for requests that perform a login via "goform/login". Additionally, attackers can hijack the authentication of administrators for requests that enable external logins via an "mso remote enable" action to "goform/RemoteRange" or change DNS settings via a "manual dns enable" action to "goform/Basic".

Recommendations For versions prior to 1.4.0.49.2, update the firmware to version 1.4.0.49.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the web interface and avoiding the use of the vulnerable goform/login, goform/RemoteRange, and goform/Basic endpoints until the update is applied.