|
|
|
![]() |
|
Strumenti |
![]() |
#1 |
Senior Member
Iscritto dal: Feb 2003
Città: Torino
Messaggi: 3708
|
Alice Gate2 Plus Wi-Fi Cross-Site Request Forgery Vulnerability
Secunia Advisory: SA28618
Release Date: 2008-01-28 Critical: Less critical Impact: Security Bypass Cross Site Scripting Where: From remote Solution Status: Unpatched OS: Alice Gate2 Plus Wi-Fi Description: WarGame/DoomRiderz has reported a vulnerability in Alice Gate2 Plus Wi-Fi, which can be exploited by malicious people to bypass certain security restrictions and conduct cross-site request forgery attacks. The vulnerability is caused due to the device allowing users to perform certain actions via HTTP requests, without checking the validity of the request or proper authentication of the user sending the request. This can be exploited by malicious people to e.g. disable the encryption of the wireless network by tricking a user into visiting a malicious site. Solution: Visit trusted sites only. Use a firewall to restrict access to the affected device. Bollettino di Sicurezza |
![]() |
![]() |
![]() |
Strumenti | |
|
|
Tutti gli orari sono GMT +1. Ora sono le: 05:26.