Nov12

Cisco EPC3925 – CSRF Vulnerability

Security Findings

The Cisco EPC3925 is a cable modem/router which is commonly used in the Netherlands by cable internet providers.

The following video demonstrates that the web interface of the Cisco EPC3925 is vulnerable to Cross-Site Request Forgery (CSRF).

In this attack scenario, the password to the administrative interface is changed by the attacker. An extra problem in this scenario is that the web interface does not require the old password before changing it.

CVE-ID: CVE-2013-6976
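A server-side sketch of the two checks whose absence the scenario above relies on: a CSRF token with an origin check, and verification of the old password. This is an added example, not Cisco's firmware code; `AdminSession`, the form field names and `http://router.example` are hypothetical.

```python
import hashlib
import hmac
import secrets
from urllib.parse import urlsplit


def hash_password(password: str, salt: bytes) -> bytes:
    # Slow, salted hash for the stored admin password.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)


class AdminSession:
    """Hypothetical server-side state for one logged-in admin session."""

    def __init__(self, password: str, allowed_origin: str):
        self.salt = secrets.token_bytes(16)
        self.pw_hash = hash_password(password, self.salt)
        self.allowed_origin = allowed_origin         # origin of the device's own UI
        self.csrf_token = secrets.token_urlsafe(32)  # embedded in the served form

    def check_password(self, password: str) -> bool:
        candidate = hash_password(password, self.salt)
        return hmac.compare_digest(candidate, self.pw_hash)

    def change_password(self, headers: dict, form: dict) -> str:
        # 1. Reject requests that a foreign page made the browser send.
        parts = urlsplit(headers.get("Origin") or headers.get("Referer", ""))
        if f"{parts.scheme}://{parts.netloc}" != self.allowed_origin:
            return "rejected: cross-origin request"
        # 2. Require the unguessable per-session token (constant-time compare).
        token = form.get("csrf_token", "").encode()
        if not hmac.compare_digest(token, self.csrf_token.encode()):
            return "rejected: missing or invalid CSRF token"
        # 3. Require the current password before accepting a new one.
        if not self.check_password(form.get("old_password", "")):
            return "rejected: old password incorrect"
        new_password = form.get("new_password", "")
        if not new_password:
            return "rejected: empty new password"
        self.pw_hash = hash_password(new_password, self.salt)
        self.csrf_token = secrets.token_urlsafe(32)  # rotate after the change
        return "ok"
```
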


About the Author

JDiel

Currently I am working as an Information Security Consultant & Project Manager at Comsec Consulting. I provide consulting in several areas of security including but not limited to: penetration testing, application vulnerability assessments, network vulnerability assessments, and wireless security. I also participate in PCI-DSS and PA-DSS certification projects.


GHOST: GNU C Library RCE Vulnerability

January 28, 2015
In more detail, a heap-based buffer overflow was found in __nss_hostname_digits_dots(), which is used by the gethostbyname() and gethostbyname2() glibc function calls.

RCE in PolarSSL

January 19, 2015
Dutch researchers have discovered an RCE in PolarSSL. RCE is short for Remote Code Execution, which allows malicious users, in certain cases only, to run code on the server. When a web server that uses PolarSSL processes an "evil certificate", the attack (Remote Code Execution) can be executed. One example of when the attack is possible is a server that is configured to check for client certificates. In this case the malicious user is not required to have a valid certificate or credentials; sending a false certificate to the server is sufficient to execute the attack. In certain cases it was also found possible to attack users that connect to a web server that uses PolarSSL. The Dutch National Cyber Security Center released this document. The CVE-ID for this vulnerability is CVE-2015-1182. More information can be found at PolarSSL.

UK: Ban encrypted messaging apps

January 13, 2015
The British Prime Minister David Cameron is considering banning encrypted messaging apps like Snapchat, CryptoCat, WhatsApp and Apple’s iMessage if the companies don't give the UK government backdoor access to their encrypted communications. Cameron said the Paris terror attacks outlined the need for greater access to encrypted communications. In his remarks, the attacks were aimed at messaging apps that encrypt messages to secure users' communications. If he wins the next election and is re-elected, he would seek to ban the encrypted communication apps as part of his plans for new surveillance powers. "The attacks in Paris demonstrated the scale of the threat that we face and the need to have robust powers through our intelligence and security agencies in order to keep our people safe," Cameron said. Encryption became a hot topic in the wake of National Security Agency whistleblower Edward Snowden’s revelations on NSA surveillance. The leaked files revealed that Skype has a backdoor and highlighted broad global online surveillance of encryption companies. However, messaging companies such as WhatsApp remained committed to keeping their services encrypted so that the communications between their users cannot be read by authorities. The Prime Minister didn’t name specific apps that could be subject to the ban, but a number of popular messaging apps that use encryption in some form or other, including Snapchat, WhatsApp, iMessage and FaceTime, should be considered in the list.

XBOX One SDK Leaked

January 3, 2015
The XBOX One SDK was leaked earlier this week by a group that calls itself H4LT. The software development kit (or SDK) for the Xbox One is circulating on the internet. This potentially opens the door for homemade applications, allowing unapproved developers to create homebrew for the system. H4LT said that there are currently no exploits available which allow a developer to run homebrew code on the XBOX One. By leaking it to the public they hope that someone familiar with the inner workings of Windows 8 will be able to dig through the files and find something interesting in the near future. H4LT said: "Once the SDK is out, people who have knowledge or has in the past reversed files related to the Windows (8) operating system should definitely have a go at reversing some files in there." The group added: "Why? Well, the Xbox One is practically a stripped Windows 8 device and has introduced a new package format that hasn't had much attention. This format is responsible for updating the console and storing applications (Games are under the category of 'Applications' on the Xbox One) and is a modification of Virtual Hard Disks."