CVE-2011-5284

Name of the Vulnerable Software and Affected Versions Smoothwall Express versions 3.0 SP3 and earlier, Smoothwall Express version 3.1

Description A cross-site request forgery (CSRF) issue exists in the web management interface, specifically in the httpd/cgi-bin/shutdown.cgi endpoint. This allows remote attackers to hijack the authentication of administrators for requests that perform a reboot via a request to "cgi-bin/shutdown.cgi".

Recommendations For Smoothwall Express versions 3.0 SP3 and earlier, and version 3.1, consider disabling access to the "cgi-bin/shutdown.cgi" endpoint until a fix is available to prevent exploitation. Restrict access to the web management interface to minimize the risk of CSRF attacks.