PT-2018-9786 · Actiontec · Actiontec Wcb6200Q

Published: 2018-05-14 · Updated: 2018-06-20 · CVE-2018-10252

CVSS v3.1: 8.1 (High)
Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Actiontec WCB6200Q versions prior to 1.1.10.20a
Description: An issue allows admin session hijacking because admin login session cookies are generated insecurely. When an admin logs in, the session cookie is derived from the time of day rounded to 10 ms. Because the web server returns its current time of day in responses, the candidate session values are narrowed to a small range and can be stepped through backward until a working one is found. With a working session ID, an attacker has admin control of the device and can add a secondary SSID to create a backdoor into the network.
Recommendations: For Actiontec WCB6200Q versions prior to 1.1.10.20a, update to version 1.1.10.20a or later to resolve the issue. As a temporary workaround, consider restricting access to the admin login interface to minimize the risk of exploitation.
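As an added illustration (not code from the advisory, the vendor, or the device firmware), the following contrasts a clock-derived session cookie of the kind described with a CSPRNG-backed one. The weak generator is a constructed stand-in for the described behaviour; the 10 ms rounding is the only parameter taken from the advisory, and the cookie format is assumed.

```python
"""Weak (clock-derived) versus strong (CSPRNG) session identifiers.

Constructed stand-in for the behaviour the advisory describes: the weak
cookie is a function of the server's time of day rounded to 10 ms, so it
is predictable by anyone who can read the server clock from a response.
"""
import math
import secrets

BUCKET_MS = 10                      # rounding stated in the advisory
MS_PER_DAY = 24 * 60 * 60 * 1000    # 86,400,000 ms


def weak_session_id(ts: float) -> str:
    """Clock-derived cookie for a login at POSIX timestamp `ts` (seconds).

    Two logins in the same 10 ms bucket get the same cookie, and the
    cookie is fully determined by the server's time of day.
    """
    ms_of_day = int(ts * 1000) % MS_PER_DAY
    bucket = ms_of_day - ms_of_day % BUCKET_MS   # round down to 10 ms
    return f"{bucket:08d}"                       # assumed format


def weak_keyspace_bits() -> float:
    """Upper bound on the weak scheme's entropy: one value per 10 ms bucket
    across a whole day, i.e. log2(8,640,000), about 23 bits. A leaked
    server clock shrinks the search to a window far smaller than this."""
    return math.log2(MS_PER_DAY // BUCKET_MS)


def strong_session_id(nbytes: int = 32) -> str:
    """CSPRNG-backed cookie; `nbytes` random bytes, URL-safe base64."""
    return secrets.token_urlsafe(nbytes)


def strong_keyspace_bits(nbytes: int = 32) -> int:
    """Entropy of the strong scheme: 8 bits per random byte, clock-independent."""
    return nbytes * 8


if __name__ == "__main__":
    # 2018-05-14 00:00:00 UTC is POSIX 1526256000 (a constructed timestamp).
    print(weak_session_id(1526256000.123), weak_session_id(1526256000.126))
    print(f"weak keyspace: {weak_keyspace_bits():.1f} bits; "
          f"strong keyspace: {strong_keyspace_bits()} bits")
    print(strong_session_id())
```

Run it twice: the weak cookies repeat whenever the clock lands in the same 10 ms bucket, while the strong cookies never do.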

Fix

Session Fixation

Weakness Enumeration

Related Identifiers: CVE-2018-10252

Affected Products: Actiontec Wcb6200Q