cnvd - cnvd-2015-00164

CNVD-2015-00164

Vulnerability from cnvd - Published: 2015-01-09

Title

Smoothwall Express存在多个跨站请求伪造漏洞

Description

Smoothwall Express是一套基于Linux系统的路由防火墙软件。该软件提供路由、防火墙、NAT、VPN、IDS、动态DNS、内外网访问控制、网络流量控制和监控，以及日志记录等功能。 Smoothwall Express存在多个跨站请求伪造漏洞，允许远程攻击者通过对httpd/cgi-bin/changepwcgi的请求劫持更改管理员或拨号密码身份的验证。

Severity

中

Formal description

目前没有详细的解决方案： http://www.smoothwall.org

Reference

http://packetstormsecurity.com/files/129698/SmoothWall-3.1-Cross-Site-Request-Forgery-Cross-Site-Scripting.html http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9431

Impacted products

Name
['SmoothWall Express 3.0 sp3', 'SmoothWall Express 3.1']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2014-9431"
    }
  },
  "description": "Smoothwall Express\u662f\u4e00\u5957\u57fa\u4e8eLinux\u7cfb\u7edf\u7684\u8def\u7531\u9632\u706b\u5899\u8f6f\u4ef6\u3002\u8be5\u8f6f\u4ef6\u63d0\u4f9b\u8def\u7531\u3001\u9632\u706b\u5899\u3001NAT\u3001VPN\u3001IDS\u3001\u52a8\u6001DNS\u3001\u5185\u5916\u7f51\u8bbf\u95ee\u63a7\u5236\u3001\u7f51\u7edc\u6d41\u91cf\u63a7\u5236\u548c\u76d1\u63a7\uff0c\u4ee5\u53ca\u65e5\u5fd7\u8bb0\u5f55\u7b49\u529f\u80fd\u3002\r\n\r\nSmoothwall Express\u5b58\u5728\u591a\u4e2a\u8de8\u7ad9\u8bf7\u6c42\u4f2a\u9020\u6f0f\u6d1e\uff0c\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u901a\u8fc7\u5bf9httpd/cgi-bin/changepwcgi\u7684\u8bf7\u6c42\u52ab\u6301\u66f4\u6539\u7ba1\u7406\u5458\u6216\u62e8\u53f7\u5bc6\u7801\u8eab\u4efd\u7684\u9a8c\u8bc1\u3002",
  "discovererName": "Yann CAM @ Synetis",
  "formalWay": "\u76ee\u524d\u6ca1\u6709\u8be6\u7ec6\u7684\u89e3\u51b3\u65b9\u6848\uff1a\u00a0\r\nhttp://www.smoothwall.org",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2015-00164",
  "openTime": "2015-01-09",
  "products": {
    "product": [
      "SmoothWall Express 3.0 sp3",
      "SmoothWall Express 3.1"
    ]
  },
  "referenceLink": "http://packetstormsecurity.com/files/129698/SmoothWall-3.1-Cross-Site-Request-Forgery-Cross-Site-Scripting.html\r\nhttp://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9431",
  "serverity": "\u4e2d",
  "submitTime": "2015-01-08",
  "title": "Smoothwall Express\u5b58\u5728\u591a\u4e2a\u8de8\u7ad9\u8bf7\u6c42\u4f2a\u9020\u6f0f\u6d1e"
}

CVE-2014-9431 (GCVE-0-2014-9431)

Vulnerability from cvelistv5 – Published: 2014-12-31 22:00 – Updated: 2024-08-06 13:47

Summary

Multiple cross-site request forgery (CSRF) vulnerabilities in Smoothwall Express 3.1 and 3.0 SP3 allow remote attackers to hijack the authentication of administrators for requests that change the (1) admin or (2) dial password via a request to httpd/cgi-bin/changepw.cgi.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://packetstormsecurity.com/files/129698/Smoot…	x_refsource_MISC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T13:47:41.580Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "smoothwall-multiple-csrf(99403)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99403"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/129698/SmoothWall-3.1-Cross-Site-Request-Forgery-Cross-Site-Scripting.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-12-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple cross-site request forgery (CSRF) vulnerabilities in Smoothwall Express 3.1 and 3.0 SP3 allow remote attackers to hijack the authentication of administrators for requests that change the (1) admin or (2) dial password via a request to httpd/cgi-bin/changepw.cgi."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-07T15:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "smoothwall-multiple-csrf(99403)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99403"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/129698/SmoothWall-3.1-Cross-Site-Request-Forgery-Cross-Site-Scripting.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2014-9431",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple cross-site request forgery (CSRF) vulnerabilities in Smoothwall Express 3.1 and 3.0 SP3 allow remote attackers to hijack the authentication of administrators for requests that change the (1) admin or (2) dial password via a request to httpd/cgi-bin/changepw.cgi."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "smoothwall-multiple-csrf(99403)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99403"
            },
            {
              "name": "http://packetstormsecurity.com/files/129698/SmoothWall-3.1-Cross-Site-Request-Forgery-Cross-Site-Scripting.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/129698/SmoothWall-3.1-Cross-Site-Request-Forgery-Cross-Site-Scripting.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2014-9431",
    "datePublished": "2014-12-31T22:00:00",
    "dateReserved": "2014-12-31T00:00:00",
    "dateUpdated": "2024-08-06T13:47:41.580Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2015-00164

CVE-2014-9431 (GCVE-0-2014-9431)

Tags

Sightings

Nomenclature