ID

VAR-200909-0057


CVE

CVE-2008-7165


TITLE

Alice Gate2 Plus Wi-Fi Router Cross-Site Request Forgery Vulnerability

Trust: 0.9

sources: BID: 27374 // CNNVD: CNNVD-200909-067

DESCRIPTION

Cross-site request forgery in cp06_wifi_m_nocifr.cgi in the administrator panel in TELECOM ITALIA Alice Gate2 Plus Wi-Fi allows remote attackers to hijack the authentication of administrators for requests that disable Wi-Fi encryption via certain values for the wlChannel and wlRadioEnable parameters.

Alice Gate2 Plus Wi-Fi routers are prone to a cross-site request-forgery vulnerability. An attacker can exploit this issue to alter administrative configuration on affected devices. Specifically, altering the wireless encryption settings on devices has been demonstrated. Other attacks may also be possible.

The vulnerability is caused due to the device allowing users to perform certain actions via HTTP requests, without checking the validity of the request or proper authentication of the user sending the request. This can be exploited by malicious people to e.g. disable the encryption of the wireless network by tricking a user into visiting a malicious site.

SOLUTION: Visit trusted sites only. Use a firewall to restrict access to the affected device.

PROVIDED AND/OR DISCOVERED BY: WarGame/DoomRiderz

ORIGINAL ADVISORY: http://vx.netlux.org/wargamevx/

Trust: 1.98

sources: NVD: CVE-2008-7165 // JVNDB: JVNDB-2009-003140 // BID: 27374 // PACKETSTORM: 63055

IOT TAXONOMY

category: ['network device'], sub_category: router

Trust: 0.1

sources: OTHER: None

AFFECTED PRODUCTS

vendor: alice, model: gate2 plus wi-fi, scope: -, version: -

Trust: 1.4

vendor: alice, model: gate2 plus wi-fi, scope: eq, version: *

Trust: 1.0

vendor: alice it, model: gate2 plus wi-fi, scope: eq, version: 0

Trust: 0.3

sources: BID: 27374 // JVNDB: JVNDB-2009-003140 // CNNVD: CNNVD-200909-067 // NVD: CVE-2008-7165

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2008-7165
value: MEDIUM

Trust: 1.0

NVD: CVE-2008-7165
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-200909-067
value: MEDIUM

Trust: 0.6

nvd@nist.gov: CVE-2008-7165
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

sources: JVNDB: JVNDB-2009-003140 // CNNVD: CNNVD-200909-067 // NVD: CVE-2008-7165

PROBLEMTYPE DATA

problemtype:CWE-352

Trust: 1.8

sources: JVNDB: JVNDB-2009-003140 // NVD: CVE-2008-7165

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200909-067

TYPE

cross-site request forgery

Trust: 0.6

sources: CNNVD: CNNVD-200909-067

CONFIGURATIONS

sources: JVNDB: JVNDB-2009-003140

PATCH

title: Alice Gate2 Plus Wi-Fi
url: http://assistenzatecnica.telecomitalia.it/at/portals/assistenzatecnica.portal?_nfpb=true&_pageLabel=GuideBook&nodeId=/AT_REPOSITORY/20005

Trust: 0.8

sources: JVNDB: JVNDB-2009-003140

EXTERNAL IDS

db: NVD, id: CVE-2008-7165

Trust: 2.8

db: BID, id: 27374

Trust: 1.9

db: SECUNIA, id: 28618

Trust: 1.7

db: OSVDB, id: 40739

Trust: 1.6

db: JVNDB, id: JVNDB-2009-003140

Trust: 0.8

db: XF, id: 2

Trust: 0.6

db: XF, id: 39831

Trust: 0.6

db: BUGTRAQ, id: 20080121 FLAW IN ALICE GATE2 PLUSWIFI ADSL MODEM

Trust: 0.6

db: CNNVD, id: CNNVD-200909-067

Trust: 0.6

db: OTHER, id: NONE

Trust: 0.1

db: PACKETSTORM, id: 63055

Trust: 0.1

sources: OTHER: None // BID: 27374 // JVNDB: JVNDB-2009-003140 // PACKETSTORM: 63055 // CNNVD: CNNVD-200909-067 // NVD: CVE-2008-7165

REFERENCES

url:http://www.securityfocus.com/bid/27374

Trust: 1.6

url:http://secunia.com/advisories/28618

Trust: 1.6

url:http://osvdb.org/40739

Trust: 1.6

url:http://www.securityfocus.com/archive/1/486733/100/200/threaded

Trust: 1.0

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/39831

Trust: 1.0

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-7165

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-7165

Trust: 0.8

url:http://xforce.iss.net/xforce/xfdb/39831

Trust: 0.6

url:http://www.securityfocus.com/archive/1/archive/1/486733/100/200/threaded

Trust: 0.6

url:http://aiuto.alice.it/informazioni/modemadsl/alice_gate2adv.html

Trust: 0.3

url:/archive/1/486733

Trust: 0.3

url:https://ieeexplore.ieee.org/abstract/document/10769424

Trust: 0.1

url:http://vx.netlux.org/wargamevx/

Trust: 0.1

url:http://secunia.com/secunia_security_advisories/

Trust: 0.1

url:https://psi.secunia.com/?page=changelog

Trust: 0.1

url:https://psi.secunia.com/

Trust: 0.1

url:http://secunia.com/product/17350/

Trust: 0.1

url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Trust: 0.1

url:http://secunia.com/advisories/28618/

Trust: 0.1

url:http://secunia.com/about_secunia_advisories/

Trust: 0.1

sources: OTHER: None // BID: 27374 // JVNDB: JVNDB-2009-003140 // PACKETSTORM: 63055 // CNNVD: CNNVD-200909-067 // NVD: CVE-2008-7165

CREDITS

WarGame/DoomRiderz is credited with the discovery of this vulnerability.

Trust: 0.9

sources: BID: 27374 // CNNVD: CNNVD-200909-067

SOURCES

db: OTHER, id: -
db: BID, id: 27374
db: JVNDB, id: JVNDB-2009-003140
db: PACKETSTORM, id: 63055
db: CNNVD, id: CNNVD-200909-067
db: NVD, id: CVE-2008-7165

LAST UPDATE DATE

2025-04-10T21:58:35.020000+00:00


SOURCES UPDATE DATE

db: BID, id: 27374, date: 2015-05-07T17:33:00
db: JVNDB, id: JVNDB-2009-003140, date: 2012-06-26T00:00:00
db: CNNVD, id: CNNVD-200909-067, date: 2009-09-09T00:00:00
db: NVD, id: CVE-2008-7165, date: 2025-04-09T00:30:58.490

SOURCES RELEASE DATE

db: BID, id: 27374, date: 2008-01-21T00:00:00
db: JVNDB, id: JVNDB-2009-003140, date: 2012-06-26T00:00:00
db: PACKETSTORM, id: 63055, date: 2008-01-29T00:00:58
db: CNNVD, id: CNNVD-200909-067, date: 2009-09-04T00:00:00
db: NVD, id: CVE-2008-7165, date: 2009-09-04T10:30:01.860