PT-2010-5510 · Ispot+1

Matthew Jakubowski · Published 2010-12-30 · Updated 2011-01-12 · CVE-2010-4507

CVSS v2.0: 9.3 High

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

iSpot versions 2.0.0.0 R1679
ClearSpot versions 2.0.0.0 R1512 through 2.0.0.0 R1786 with firmware 1.9.9.4

Description

Multiple cross-site request forgery (CSRF) vulnerabilities allow remote attackers to hijack the authentication of administrators for various requests, including executing arbitrary commands, enabling remote management, enabling the TELNET service, enabling TELNET sessions, and reading arbitrary files. The vulnerabilities exist in the following API endpoints and parameters: (1) "webmain.cgi" with the cmd parameter in an "act cmd result" action, (2) "webmain.cgi" with an "enable remote access" "act network set" action, (3) "webmain.cgi" with an "ENABLE TELNET" "act set wimax etc config" action, (4) "webmain.cgi" with a certain "act network set" action, and (5) "upgrademain.cgi" with the FILE PATH parameter in an "act file download" action.

Recommendations

For iSpot version 2.0.0.0 R1679, consider disabling the cmd parameter in the "act cmd result" action to "webmain.cgi" and restricting access to the "enable remote access" and "ENABLE TELNET" actions until a patch is available. For ClearSpot versions 2.0.0.0 R1512 through 2.0.0.0 R1786 with firmware 1.9.9.4, restrict access to the "act network set" action and to the FILE PATH parameter in the "act file download" action to "upgrademain.cgi" until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
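
A detection example for the CSRF pattern described above, added here and not taken from the advisory or the vendor: it flags proxy-log requests to the two CGI endpoints whose Referer is missing or belongs to a different origin than the device. The log format, the device address 192.168.1.1, the /cgi-bin/ path and the hostnames are constructed assumptions.

```python
from urllib.parse import urlsplit

# CGI endpoints named in the advisory.
SENSITIVE_CGIS = ("webmain.cgi", "upgrademain.cgi")

# Constructed sample proxy log (tab-separated: time, client, method, URL, Referer).
# Device address, /cgi-bin/ path and hostnames are assumptions for illustration.
SAMPLE_LOG = """\
2011-01-05T10:00:01Z\t10.0.0.7\tPOST\thttp://192.168.1.1/cgi-bin/webmain.cgi\thttp://192.168.1.1/index.html
2011-01-05T10:02:13Z\t10.0.0.7\tPOST\thttp://192.168.1.1/cgi-bin/webmain.cgi\thttp://forum.example/thread/42
2011-01-05T10:02:14Z\t10.0.0.7\tGET\thttp://192.168.1.1/cgi-bin/upgrademain.cgi\t-
2011-01-05T10:03:00Z\t10.0.0.9\tGET\thttp://192.168.1.1/logo.png\thttp://forum.example/thread/42
malformed line
"""

def origin(url):
    """Return (scheme, host, port) for a URL, or None if it has no usable origin."""
    try:
        parts = urlsplit(url)
        port = parts.port
    except ValueError:  # e.g. non-numeric port
        return None
    if not parts.scheme or not parts.hostname:
        return None
    default = {"http": 80, "https": 443}.get(parts.scheme)
    return (parts.scheme, parts.hostname.lower(), port or default)

def classify(line):
    """Return a finding dict for a suspicious request, else None."""
    fields = line.split("\t")
    if len(fields) != 5:
        return None  # skip lines that do not match the assumed format
    ts, client, method, url, referer = fields
    target = origin(url)
    script = urlsplit(url).path.rsplit("/", 1)[-1].lower()
    if target is None or script not in SENSITIVE_CGIS:
        return None
    source = origin(referer)
    if source == target:
        return None  # request came from the device's own admin pages
    # A missing Referer is weaker evidence than a foreign one, so label it apart.
    reason = "cross-origin" if source else "no-referer"
    return {"time": ts, "client": client, "method": method,
            "url": url, "referer": referer, "reason": reason}

def scan(log_text):
    """Classify every line of a log and return the findings in order."""
    return [f for f in map(classify, log_text.splitlines()) if f]
```

A "no-referer" finding needs triage rather than an alert, since browsers and privacy tools can omit the header on legitimate requests.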

Exploit

CSRF

Weakness Enumeration

Related Identifiers

CVE-2010-4507

Affected Products

Clearspot
Ispot