PT-2020-15625 · Sagemcom · Sagemcom F@St 5280

Ryan Delaney · Published 2020-09-01 · Updated 2020-09-11 · CVE-2020-24034

CVSS v2.0

9.0 High

Vector

AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Sagemcom F@ST 5280 version 1.150.61

Description

The issue allows any authenticated user to perform a privilege escalation to any other user due to insecure deserialization. By making a request with valid sess id, nonce, and ha1 values inside of the serialized session cookie, an attacker may alter the user value inside of this cookie and assume the role and permissions of the specified user. This can lead to gaining the permissions of the internal account, which includes the ability to flash custom firmware to the router, resulting in a complete compromise.

Recommendations

For Sagemcom F@ST 5280 version 1.150.61, as a temporary workaround, consider restricting access to the serialized session cookie until a patch is available. Avoid using the user value in the affected cookie to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
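
The flaw class described above, and the recommendation not to rely on the cookie's user value, shown as an added example that is not Sagemcom code: the JSON cookie layout, the field name `sess_id`, the in-memory session table and all function names are assumptions made for illustration, and the account name used with it is constructed.

```python
import hmac
import json
import secrets

SESSIONS = {}  # server-side record: sess_id -> {"user", "nonce", "ha1"}

def login(user, ha1):
    """Create a session and return the cookie (assumed JSON layout)."""
    sess_id, nonce = secrets.token_hex(8), secrets.token_hex(8)
    SESSIONS[sess_id] = {"user": user, "nonce": nonce, "ha1": ha1}
    return json.dumps({"sess_id": sess_id, "nonce": nonce, "ha1": ha1, "user": user})

def _validated(cookie):
    """Return (cookie_dict, server_record) if sess_id, nonce and ha1 check out."""
    try:
        c = json.loads(cookie)
    except ValueError:
        return None, None
    if not isinstance(c, dict) or not isinstance(c.get("sess_id"), str):
        return None, None
    rec = SESSIONS.get(c["sess_id"])
    if rec is None:
        return None, None
    for key in ("nonce", "ha1"):
        value = c.get(key)
        if not isinstance(value, str) or not hmac.compare_digest(
                value.encode(), rec[key].encode()):
            return None, None
    return c, rec

def identity_weak(cookie):
    """Flawed pattern: session fields are checked, then the cookie's user is trusted."""
    c, _ = _validated(cookie)
    return c.get("user") if c else None

def identity_hardened(cookie):
    """Identity comes from the server-side record; a mismatching user ends the session."""
    c, rec = _validated(cookie)
    if c is None:
        return None
    if c.get("user") != rec["user"]:
        SESSIONS.pop(c["sess_id"], None)  # treat as tampering: invalidate the session
        return None
    return rec["user"]
```

A user mismatch on an otherwise valid session is also a useful detection signal, since a legitimate client never produces one.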

Exploit

Deserialization of Untrusted Data


Weakness Enumeration

Related Identifiers

CVE-2020-24034

Affected Products

Sagemcom F@St 5280