Published: 2008/07/22  Last Updated: 2008/07/22

JVN#67573833
Multiple Century Systems routers vulnerable to cross-site request forgery

Overview

The web interface in multiple Century Systems routers is vulnerable to cross-site request forgery.

Products Affected

  • XR-410 ver1.6.8 and earlier
  • XR-440 ver1.7.7 and earlier
  • XR-510 ver3.5.0 and earlier
  • XR-540 ver3.5.2 and earlier
  • XR-640 ver1.6.7 and earlier
  • XR-730 ver3.5.0 and earlier
  • XR-1100 ver1.6.2 and earlier
  • XR-410-L2 ver1.6.1 and earlier
  • XR-640-L2 ver1.6.1 and earlier

For more information, refer to the vendor's website.

Description

Multiple Century Systems Co., Ltd. routers provide a web-based interface for users to configure the routers. The web interface is vulnerable to cross-site request forgery.

Impact

If an administrator views a malicious website while logged in to the web interface, a forged request issued from that site is sent with the administrator's session, and the administrator password and other configuration settings could be modified.
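The following is an added example, not code from this advisory or from Century Systems, of the server-side check that closes this class of issue in a web configuration interface: state-changing requests are accepted only over POST, only when the browser-supplied Origin (or Referer) matches the router's own host, and only when the request echoes a per-session token that a foreign page cannot read. The endpoint, host address and request shapes are hypothetical and constructed for illustration.

```python
import hmac
import secrets
from typing import Optional
from urllib.parse import urlsplit


class Session:
    """A logged-in administrator session (hypothetical; constructed for the example)."""

    def __init__(self) -> None:
        # Per-session random token; the configuration page embeds it in every
        # state-changing form, and a page on another origin cannot read it.
        self.csrf_token = secrets.token_urlsafe(32)
        self.config = {"admin_password": "initial"}


def same_site(origin: Optional[str], referer: Optional[str], host: str) -> bool:
    """Accept only requests whose Origin (or, failing that, Referer) names the router itself."""
    source = origin or referer
    if not source:
        # Fail closed: no origin information at all is treated as cross-site.
        return False
    return urlsplit(source).netloc == host


def valid_token(session: Session, submitted: Optional[str]) -> bool:
    """Constant-time comparison of the submitted token against the session's token."""
    if submitted is None:
        return False
    return hmac.compare_digest(session.csrf_token, submitted)


def handle_change_password(session: Session, method: str, headers: dict,
                           form: dict, host: str = "192.0.2.1"):
    """Hypothetical password-change endpoint. Returns (status, message).

    The configuration is mutated only when all three checks pass; a request a
    browser is tricked into sending from another site fails the origin check
    and lacks the token, so it cannot change anything.
    """
    if method != "POST":
        # GET must never change state: a GET-based change is forgeable by a plain link or image.
        return 405, "method not allowed"
    if not same_site(headers.get("Origin"), headers.get("Referer"), host):
        return 403, "cross-site request rejected"
    if not valid_token(session, form.get("csrf_token")):
        return 403, "missing or invalid CSRF token"
    session.config["admin_password"] = form["new_password"]
    return 200, "password changed"


def demo():
    """Run one forged and one genuine request against a fresh session (constructed data)."""
    session = Session()
    host = "192.0.2.1"
    # Constructed request of the kind a foreign page causes the browser to send:
    # the session cookie travels automatically, but the browser reports the
    # foreign origin and the form carries no per-session token.
    forged = handle_change_password(session, "POST", {"Origin": "http://evil.example"},
                                    {"new_password": "attacker-chosen"}, host)
    # Constructed request from the genuine configuration page.
    genuine = handle_change_password(session, "POST", {"Origin": "http://192.0.2.1"},
                                     {"new_password": "n3w", "csrf_token": session.csrf_token}, host)
    return forged, genuine, session.config["admin_password"]


if __name__ == "__main__":
    print(demo())
```

The token check is the primary defence; the origin check is defence in depth and fails closed, so clients that strip both Origin and Referer are rejected rather than trusted. Logging the 403 responses with their reported Origin gives a defender a simple signal that forged requests are reaching the interface.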

Solution

Update the Software

For XR-410 and XR-510 users:

Apply the latest version of the firmware provided by the vendor.

For other XR series users:

As of July 22, 2008, the vendor has not released updates for the other XR series models.
According to the vendor, updates for the other XR series models will be released soon.

For more information, refer to the vendor's website.

Vendor Status

Vendor                     Status      Last Update   Vendor Notes
Century Systems Co., Ltd.  Vulnerable  2008/07/22

References

JPCERT/CC Addendum

Vulnerability Analysis by JPCERT/CC

Analyzed on 2008.07.22

Measures, conditions and severity:

  • Access Required: Routed - can be attacked over the Internet using packets. Severity: High
  • Authentication: None - anonymous or no authentication (IP addresses do not count). Severity: High
  • User Interaction Required: Simple - the user must be convinced to take a standard action that does not feel harmful to most users, such as clicking on a link or viewing a file. Severity: Medium
  • Exploit Complexity: Low - little to no expertise and/or luck required to exploit (cross-site scripting). Severity: High


Credit

Hirotaka Katagiri reported this vulnerability to IPA.
JPCERT/CC coordinated with the vendors under Information Security Early Warning Partnership.

Other Information

JPCERT Alert
JPCERT Reports
CERT Advisory
CPNI Advisory
TRnotes
CVE
JVN iPedia: JVNDB-2008-000042

Update History