PT-2013-2113 · Actiontec · Actiontec Mi424Wr-Gen3I

Jacob Holcomb · Published 2013-03-21 · Updated 2013-10-07 · CVE-2013-0126

CVSS v2.0: 6.8 Medium

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

Actiontec MI424WR-GEN3I router with firmware 40.19.36

Description

The issue concerns multiple cross-site request forgery (CSRF) vulnerabilities in the index.cgi file of the affected router. These vulnerabilities allow remote attackers to hijack the authentication of administrators for specific requests. The requests in question include adding administrative accounts via the username and user_level parameters, as well as enabling remote administration through the is_telnet_primary and is_telnet_secondary parameters.

Recommendations

For the Actiontec MI424WR-GEN3I router with firmware 40.19.36, consider disabling remote administration until a patch is available to prevent exploitation of the CSRF vulnerabilities. Additionally, restrict access to the index.cgi file and its associated parameters (username, user_level, is_telnet_primary, and is_telnet_secondary) to minimize the risk of unauthorized administrative account additions or changes to remote administration settings.
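
One way to watch for the requests described above at a filtering proxy, as an added example that is not part of the original advisory or any vendor code. It assumes the proxy exposes each request as a record with a URL, an optional form-encoded body and headers; the record layout, host names and all values are constructed.

```python
from urllib.parse import urlsplit, parse_qs

# Parameter names come from the advisory; the grouping labels are ours.
SENSITIVE = {
    "admin account creation": {"username", "user_level"},
    "remote administration change": {"is_telnet_primary", "is_telnet_secondary"},
}

def param_names(record):
    """Parameter names found in the query string and a form-encoded body."""
    names = set(parse_qs(urlsplit(record["url"]).query, keep_blank_values=True))
    names |= set(parse_qs(record.get("body", ""), keep_blank_values=True))
    return names

def initiator_host(record):
    """Host of the page that triggered the request (Origin, else Referer)."""
    headers = {k.lower(): v for k, v in record.get("headers", {}).items()}
    source = headers.get("origin") or headers.get("referer") or ""
    return urlsplit(source).hostname

def classify(record):
    """Return findings for one request record; an empty list means no alert."""
    target = urlsplit(record["url"])
    if not target.path.endswith("/index.cgi"):
        return []
    names = param_names(record)
    # Any one of the listed parameters is enough to count as sensitive.
    actions = [label for label, keys in SENSITIVE.items() if keys & names]
    src = initiator_host(record)
    if not actions or src == target.hostname:
        return []  # not a sensitive request, or sent by the admin UI itself
    reason = "cross-site" if src else "no Origin/Referer"
    return [f"{reason}: {action}" for action in actions]

# Constructed sample records; hosts and values are placeholders.
SAMPLES = [
    {"url": "http://192.168.1.1/index.cgi",
     "body": "username=PLACEHOLDER&user_level=PLACEHOLDER",
     "headers": {"Origin": "http://forum.example"}},
    {"url": "http://192.168.1.1/index.cgi",
     "body": "is_telnet_primary=PLACEHOLDER&is_telnet_secondary=PLACEHOLDER",
     "headers": {"Referer": "http://192.168.1.1/index.cgi"}},
    {"url": "http://192.168.1.1/index.cgi?is_telnet_primary=PLACEHOLDER",
     "headers": {}},
]

if __name__ == "__main__":
    for rec in SAMPLES:
        print(rec["url"], "->", classify(rec) or "ok")
```

A request to index.cgi that carries these parameters but was initiated from a different origin than the router is the pattern worth alerting on; requests with no Origin or Referer are reported separately because they cannot be attributed to the admin interface.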

Exploit

Fix

CSRF

Weakness Enumeration

Related Identifiers

CVE-2013-0126

Affected Products

Actiontec Mi424Wr-Gen3I