ISE SOHO Vulnerability Catalog Published - Independent Security ...
ISE SOHO Vulnerability Catalog Published - Independent Security ...
ISE SOHO Vulnerability Catalog Published - Independent Security ...
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
TP-‐LINK TL-‐WDR4300 <br />
<strong>Vulnerability</strong>: Cross-‐Site Request Forgery <br />
CVE: CVE-2013-4848<br />
Description<br />
The TP-LINK TL-WDR4300 router is susceptible to several Cross-Site Request Forgery<br />
attacks, which allows an attacker to forge HTML forms and execute actions on behalf of<br />
the target user.<br />
Attack Requirements<br />
♦ The victim must have an active web application session on their router.<br />
♦ The victim must follow a link crafted by an attacker (e.g., by clicking the link<br />
directly, or through some other mechanism such as redirection from a malicious<br />
site).<br />
♦ The victim must have the necessary permissions to render and execute the forged<br />
HTTP.<br />
Details<br />
♦ All HTML forms present in the TP-LINK TL-WDR4300 are susceptible to Cross-<br />
Site Request Forgery.<br />
♦ Vulnerable Firmware - wdr4300v1_en_3_13_31_up(130319).<br />
♦ Other firmware versions were not tested and may be vulnerable.<br />
Impact<br />
If an unauthenticated remote attacker is able to fool an authenticated user into clicking a<br />
malicious link, the attacker is able to launch an attack that has the capability to<br />
compromise the router.<br />
Solution<br />
♦ Upgrade the routers firmware to the latest release.<br />
♦ DO NOT STAY LOGGED INTO THE ROUTER'S MANAGEMENT<br />
INTERFACE.<br />
♦ Restrict access to WAN services such as remote management to prevent an<br />
attacker from gaining access if an attack is successful.<br />
Proof of Concept Exploit<br />
In progress. <br />
<br />
100