Daily Archives: March 22, 2012

Wolfcms <= 0.75 Multiple Vulnerabilities

Posted on
Reply

Wolfcms 0.75 (and lower) is prone to multiple CSRF vulnerabilities that allow to delete admin/user, delete web pages, delete “images” and “themes” directory, force logoutĀ  when an authenticated admin/user browses a special crafted web page.
This cms is also affected by XSS vulnerabilities in “wolfcms/admin/user/add” pages due to an improper input sanitization of “user[name]”, “user[email]” and “user[username]” parameters passed via POST http method.

To view my Original Advisory:
Wolfcms 0.75 Multiple Vulnerabilities (CSRF-XSS)

Other related publications:
Inj3ct0r
Packet Storm
Secunia
Kaspersky Lab
Offensive Security DB
IBM X-Force Wolfcsm XSS
IBM X-Force Wolfcms CSRF
OSVDB
NIST – NVDB

 

Sitecom WLM-2501 new Multiple CSRF Vulnerabilities

Posted on
Reply

The web interface of this router is affected by multiple CSRF vulnerabilities which allows to change the following device’s parameters:

    • Disable Mac Filtering
    • Disable/Modify IP/Port Filtering
    • Disable/Modify Port Forwarding
    • Disable/Modify Wireless Access Control
    • Disable Wi-Fi Protected Setup
    • Disable/Modify URL Blocking Filter
    • Disable/Modify Domain Blocking Filter
    • Disable/Modify IP Address ACL
    • Change Wireless Passphrase
    • Enable/Modify Remote Access (also on WAN interface)

To view my Original Advisory:
Sitecom WLM-2501 new Multiple CSRF Vulnerabilities

MITRE CVE Numbering Authority assigned me CVE-2012-1921 andĀ CVE-2012-1922 for these vulnerabilities.

Other related publications:
Secunia Advisory SA48840
Inj3ct0r
Packet Storm
Offensive Security DB
Security Focus
IBM X-Force
OSVDB
http://packetstormsecurity.org/files/111941/Secunia-Security-Advisory-48840.html