JVN#71872818
AirStation series and BroadStation series vulnerable to cross-site request forgery
Overview
Buffalo's AirStation Series and BroadStation Series routers are vulnerable to cross-site request forgery.
Products Affected
- WZR-RS-G54 firmware Ver.2.46 and earlier
- WZR-RS-G54HP firmware Ver.2.43 and earlier
- WHR2-G54V firmware Ver.2.42 and earlier
- BHR-4RV firmware Ver.2.48 and earlier
Description
Buffalo's AirStation series and BroadStation series routers have a web administration interface that can be accessed from a web browser to configure their functional settings. The web administration interface is vulnerable to cross-site request forgery.
Impact
If the administrator of such a product logs into the web administration interface and views a malicious website, an attacker could change the password or other settings.
Solution
Update the Software
Apply firmware upgrades for each product.
References
JPCERT/CC Addendum
Vulnerability Analysis by JPCERT/CC
Analyzed on 2007.10.12
| Measures | Conditions | Severity |
|---|---|---|
| Access Required | Routed - can be attacked over the Internet using packets |
|
| Authentication | None - anonymous or no authentication (IP addresses do not count) |
|
| User Interaction Required | Simple - the user must be convinced to take a standard action that does not feel harmful to most users, such as click on a link or view a file |
|
| Exploit Complexity | Low - little to no expertise and/or luck required to exploit (cross-site scripting) |
|
Credit
Sen UENO of Tricorder Co.Ltd. reported this vulnerability to IPA.
JPCERT/CC coordinated with the vendors under Information Security Early Warning Partnership.
Other Information
| JPCERT Alert | |
| JPCERT Reports | |
| CERT Advisory | |
| CPNI Advisory | |
| TRnotes | |
| CVE | |
| JVN iPedia |
JVNDB-2007-000875 |